Staggering 133 percent increase in stolen, lost or compromised records over H1 2017; Social media incidents account for over 56 percent of records breached; 65 percent of data breach incidents involved identity theft
Gemalto released the latest findings of the Breach Level Index, a global database of public data breaches, revealing 945 data breaches led to 4.5 billion data records being compromised worldwide in the first half of 2018. Compared to the same period in 2017, the number of lost, stolen or compromised records increased by a staggering 133 percent, though the total number of breaches slightly decreased over the same period, signaling an increase in the severity of each incident.
A total of six social media breaches, including the Cambridge Analytica-Facebook incident, accounted for over 56 percent of total records compromised. Of the 945 data breaches, 189 (20 percent of all breaches) had an unknown or unaccounted number of compromised data records.
The Breach Level Index is a global database that tracks data breaches and measures their severity based on multiple dimensions, including the number of records compromised, the type of data, the source of the breach, how the data was used, and whether or not the data was encrypted. By assigning a severity score to each breach, the Breach Level Index provides a comparative list of breaches, distinguishing data breaches that are not serious versus those that are truly impactful.
According to the Breach Level Index, almost 1 billion data records have been exposed in India since 2013, when the index began benchmarking publicly disclosed data breaches. During the first six months of 2018, almost 1 billion records were compromised in Aadhar breach incident, including name, address and other personally identified information. This is particularly concerning, since the stolen, lost or compromised data records of only one out of 12 breaches were protected by encryption to render the information useless, a zero percent compared to the first six months of 2017.
“Obviously, this year social media has been the top industry and threat vector for the compromise of personal data, a trend we can expect to continue with more and more sectors leveraging these platforms to reach key audiences, especially political teams gearing up for major elections,” said Jason Hart, vice president and chief technology officer for data protection at Gemalto. “We also expect to see more data breaches reported by European Union countries bound by the new General Data Protection Regulation and in Australia with the new Notifiable Data Breaches law. We should be careful not to misconstrue this as an increase in overall incidents in these areas but rather as a more accurate reflection of what is actually going on.”
Europe saw 36 percent fewer incidents but a 28 percent increase in the number of records breached indicating growing severity of attacks. The United Kingdom remains the most breached country in the region. With the General Data Protection Regulation in full effect for the second half of 2018, the number of reported incidents could begin to rise.