Risk Based Security published a report on data breaches for 2016. The year set records and saw more major businesses — like Yahoo — successfully attacked.
• Data breaches exposed 4.3 billion records
• That’s up from the old record of 1 billion in 2013
• Yahoo’s breach alone saw 1.5 billion records compromised
Inga Goddijn is the executive vice president of Risk Based Security. She said, “We have been tracking breach activity since 2005, and the number of breaches this year was not really higher or lower than prior years, but the severity was off the charts.”
• The average data breach in 2016 involved 101 to 1,000 records
• In 2015 that number was 1 to 100 records
• The number of breaches topping 1 million records or more hit 94 in 2016
• That’s up from 60 in 2015 and 34 in 2014
• Hackers got email addresses, passwords and names from most
• Hacking accounted for 93% of all exposures
• The rest were misconfigured websites and leaks
The report said business services, retail and technology accounted for 30% of the breaches.
A report from the Identify Theft Resource Center took a different angle:
• It found 1,093 data breaches in 2016
• A 40% hike from 2015
Yahoo, Wendy’s and the Democrat National Committee — and depending on who you ask, maybe even the Republican National Committee — grabbed the hacking headlines.
Spending on hardware to secure servers and websites jumped from $68.2 billion in 2015 to $73.7 billion last year. Estimates from experts say we’ll see that figure at $90 billion by 2018.
Eva Casey Velasquez is the CEO of Identity Theft Resource Center. She said, “We are extremely confident that breaches are undiscovered and under-reported, and we don’t know the full scope. This isn’t the worst-case scenario we are looking at; this is the best-case scenario.”
Like Risk Based Security, the Identity Theft Resource Center said the target of hackers is names and passwords and Social Security numbers.
By the way, a huge percentage — 56% — of breaches are from phishing when an employee gets an email they are tricked into opening. That’s up from 38% in 2015.
“When we look at these massive numbers of records and percentages, it’s very easy to forget that each of these data points is a person, and there’s someone behind this who is being very adversely affected,” Velasquez said.
Source links: eWeek, PropertyCasualty360.com