Breaches on Consistent Pace through Q3

Monday, November 12, 2018 @ 03:11 PM gHale

There have been 3,676 publicly disclosed data compromise events through September 30 which resulted in 3.6 billion records exposed, a new study found.

That said, breach activity continues at a consistent pace for 2018, which although significant in level, will likely not reach the numbers seen in 2017, according to the 2018 Q3 Data Breach QuickView report by Risk Based Security.

RELATED STORIES
Security Spending Continues to Rise: Report
‘Too Much Information, Not Enough Intelligence’: Report
Phishing Attacks on Rise in Q3
Techniques can Expose Browsing History

“The number of reported breaches shows some improvement compared to 2017 and the number of records exposed has dropped dramatically,” said Inga Goddijn, executive vice president for Risk Based Security. “However, an improvement from 2017 is only part of the story, since 2018 is on track to have the second most reported breaches and the third most records exposed since 2005. Despite the decrease from 2017, the overall trend continues to be more breaches and more mega breaches impacting tens of millions, if not hundreds of millions, of records at once.”

A new metric Risk Based Security has been tracking in 2018 is the time interval between when a breach is discovered by the compromised organization to when the event is publicly disclosed. Overall the gap has been closing. However, looking at the averages for each of the five years, 2018 shows no improvement compared to 2017 despite mounting regulatory pressure to speed up public disclosure. With 34.5 percent of breached organizations unwilling or unable to disclose the number of records exposed, there’s clearly more progress to be made.

Hacking continues to be the leading cause of data compromise events, accounting for 57.1 percent of the disclosed breaches, however hacking is not responsible for the most records exposed. That dubious honor still belongs to Fraud, which accounts for 35.7 percent of the records exposed so far this year. Though rarely focused on, skimming is a continuing problem at ATMs and for gas station operators. Approximately 53 percent of the skimming events were discovered at ATMs and 42 percent found on gas pumps.

Key Findings:
• 3,676 breaches have been reported through September 30, exposing approximately 3.6 billion records.
• Compared to the same point in 2017, the number of reported breaches is down 8 percent and the number of exposed records is down approximately 49 percent from 7 billion.
• The business sector accounted for 38 percent of reported breaches, followed by government (8.2 percent), medical (7.8 percent) and education (3.9 percent). Nearly 43 percent of breached organizations could not be definitively classified.
• Seven breaches exposed 100 million or more records with the 10 largest breaches accounting for 84.5 percent of the records exposed year to date.
• The business sector accounted for 63.6 percent of the records exposed followed by unclassified at 34.8 percent and government at 1.4 percent. The pattern from 2017 and the first 2 quarters of 2018 remains the same, with the medical and education sectors combined accounting for less than 1 percent of the total records exposed year to date.
• Fraud remains in the top spot for the breach type compromising the most records, accounting for 35.7 of exposed records, while hacking takes the lead in number of incidents, accounting for 57.1 percent of reported breaches.
• 2018 continues to be marked by a lack of transparency, with 34.5 percent of breached organizations unwilling or unable to disclose the number of records exposed.

“After the curiously slow start to the year, we had hopes that 2018 might finally signal a change in the breach landscape. Unfortunately, it’s become clear that is not the case. In practically every way, 2018 is on track to be just as ugly as prior years. Insider actions, both in terms of malicious activity as well as mishandling assets, continue to drive the high volume of data exposed and any early signs that the number of incidents was on the decline has evaporated,” Goddijn said.

“The primary difference between 2018 and 2017 is the lack of a catastrophic event like the WannaCry and Petya/NotPetya outbreaks that left an indelible mark on 2017,” she said. “All it will take is another EternalBlue exploiting another widespread vulnerability to put us right back at at ‘worst year ever’ level of activity.”



Leave a Reply

You must be logged in to post a comment.