Breach Activity Down in 2018 Versus 2017, New Data Shows

Last year was the second most active year for publicly disclosed breaches, according to a new report by Richmond, Virginia-based breach-intelligence firm Risk Based Security.

Through December 31, there were 6,515 reported breaches, which was a 3.2% decrease from 2017. In 2018, breaches exposed about five billion records — about 36% fewer than in 2017. Twelve breaches in 2018 exposed 100 million or more records, Risk Based Security said.

The numbers for 2018 could go higher, the company warned. “New data continues to come to light, and while we expect the number of records exposed to remain below 6 billion, it is possible the number of incidents will ultimately exceed 2017,” it said.

“It’s been an unusual year for breach activity,” Risk Based Security EVP Inga Goddijn said. “We’ve been monitoring breach events for more than a dozen years now and this is the first time we’ve observed a slow start to the year following by a growing number of disclosures as the months pass. We suspect various factors including the allure of crypto mining had an impact on breach activity early in the year, but disclosures rebounded throughout the summer and into the last quarter.”

Emails & Passwords Frequently Exposed

Exposed most often were email addresses (61%), passwords (57.1%), names (26.8%) and miscellaneous information (20.6%). Addresses, Social Security numbers, credit card numbers, account numbers, birthdays, financial information and phone numbers were exposed in 15% of breaches, according to the data.

Hackings were the largest kind of data breach, accounting for 4,508 breaches in 2018. Skimming was a distant second, at 453 breaches. Web breaches, phishing and viruses or malware each caused fewer than 300 breaches during the year, according to Risk Based Security.

In terms of the number of records exposed in 2018, however, web breaches were the biggest causes, accounting for 39.3% of exposed records. Only 28.2% of the records exposed in 2018 were due to hacking. Another quarter (25.3%) were exposed due to fraud. Data mishandling was the cause behind 6.7% of exposed records.

American Finance & Insurance Sector Hit

Overall, the business sector accounted for about two-thirds (66.2%) of breached organizations that could be classified in 2018; government entities were another 13.9%, followed by organizations in the medical sector (13.4%) and in education (6.5%). The finance and insurance sector accounted for 16.6% of the incidents, according to the data.

“This year, nearly half of identified breaches could not be definitively traced back to a country of origin,” the report also said. “North America, the United Kingdom, European Union member countries and India collectively accounted for 72.7% of all records exposed.”

About a quarter of breached organizations were unwilling or unable to disclose the number of records exposed in their breaches, according to the study.

“Not only are insider mistakes exposing more records than malicious outsiders, organizations appear to be struggling to find breaches and close the gap between discovery of the incident and reporting it,” the report added. “Could there be a correlation between discovery method and time to disclose? It seems likely organizations that are better able to uncover breaches would also be better prepared to respond.”