Hacking regained the top incident type spot, representing 37% of total breaches in May and an 8% increase over April figures in the San Diego-based Identity Theft Resource Center’s monthly report.
Of these breaches, malware represented nearly 40% of those breaches identified as hacking followed by phishing at 31%. So far for 2018 the total number of breaches equals 522; the total number reported breached records equals 17,604,029.
Unauthorized access accounted for 23% of the overall number breaches in May, down 8% from April’s figures and was the second highest method of breach. “Last month we shared that the lack of detailed information in many data breach notification letters makes it difficult to clearly determine how companies define ‘unauthorized access,’” the report stated. This may include companies with hacked data. “We will continue to monitor the trends in breaches reported as “hacking” versus those reported as ‘unauthorized access.’”
The third highest method of compromise was accidental web/internet exposure, at 15%. This is a year-to-date high for this type of intrusion. Data on the move—while representing only 3% of the overall number of breaches in May— exposed more than 12% total records compromised for the month. Data on the move refers to when a storage device leaves its normal location.
The business sector again topped the list with 39% of the overall number of breaches affecting this industry. The medical/healthcare industry, which experienced a 6% drop from April figures, ranked second at 35%, followed by the banking/credit/financial at 13%, the same as April. Many breaches have an indirect effect on the banking industry.
Both the education and business sectors saw hacking as the number one method of attack at 50% and 43% respectively of breaches categorized as hacking incidents affecting those industries. The financial industry experienced equal hits by both hacking and unauthorized access, at 40%. The medical/healthcare sector, also affected the most by hacking with one-third of the breaches in this sector falling into this category.
Accidental web/internet exposure was the second largest method of compromise (22% of breaches) in the medical/healthcare sector, but the number one industry hit by this type of compromise at a whopping 55% of breaches caused by accidental web/internet exposure. The government/military sector experienced an equal number of unauthorized access, accidental web/internet exposure and data on the move, all at 29%. Data on the move only affected the government/military sector this month.
Notable May breaches included LifeBridge Health and LifeBridge Potomac Professionals, which were victims of malware infecting servers hosting electronic medical records, patient registration and billing systems. According to their notification to the California Attorney General’s office, the potentially accessed information exposed 538,000 records including patients’ names, addresses, dates of birth, diagnoses, medications, clinical and treatment information, insurance information, and Social Security number[s].
Another May breach involved MedEvolve, which experienced a data leak because of a misconfigured FTP server that was set to permit anonymous logins. This led to the online exposure of more than 200,000 records involving protected health information, of which 23,000 included SSNs.
ITRC also learned of the disappearance of U.S. Marine Corps disk in September 2017 that was not password protected or encrypted. It contained 164,000 names, SSNs, driver’s license information, ID numbers, physical descriptions of personnel, vehicle identification and plate numbers, service branch and duty information for service members, dependents, civilian federal employees, and contractors.