More than 2.5 billion records stolen or compromised in 2017
Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, today released the latest findings of the Breach Level Index, revealing that 2.6 billion records were stolen, lost or exposed worldwide in 2017, an 88% increase from 2016. While data breach incidents decreased by 11%, 2017 was the first year publicly disclosed breaches surpassed more than two billion compromised data records since the Breach Level Index began tracking data breaches in 2013.
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20180410006200/en/
Chart of Number of Breach Incidents by Type and Source (Photo: Gemalto)
To learn more about the 2017 statistics and trends, register for the upcoming webinar “New Data Breach Findings: The Year of Internal Threats and Misplaced data”
Over the past five years, nearly 10 billion records have been lost, stolen or exposed, with an average of five million records compromised every day. Of the 1,765 data breach incidents in 2017, identity theft represented the leading type of data breach, accounting for 69% of all data breaches. Malicious outsiders remained the number one cybersecurity threat last year at 72% of all breach incidents. Companies in the healthcare, financial services and retail sectors were the primary targets for breaches last year. However, government and educational institutions were not immune to cyber risks in 2017, making up 22% of all breaches.
The Breach Level Index* serves as a global database that tracks and analyzes data breaches, the type of data compromised and how it was accessed, lost or stolen. Based on data breach reports collected in the Breach Level Index, the major 2017 highlights include:
- Human error a major risk management and security issue: Accidental loss, consisting of improper disposal of records, misconfigured databases and other unintended security issues, caused 1.9 billion records to be exposed. A dramatic 580% increase in the number of compromised records from 2016.
- Identity theft is still the number one type of data breach: Identity theft was 69% of all data breach incidents. Over 600 million records were impacted resulting in a 73% increase from 2016.
- Internal threats are increasing: The number of malicious insider incidents decreased slightly. However, the amount of records stolen increased to 30 million, a 117% increase from 2016.
- What a nuisance: The number of records breached in nuisance type attacks increased by 560% from 2016. The Breach Level Index defines a data breach as a nuisance when the compromised data includes basic information such as name, address and/or phone number. The larger ramification of this type of breach is often unknown, as hackers use this data to orchestrate other attacks.
"The manipulation of data or data integrity attacks pose an arguably more unknown threat for organizations to combat than simple data theft, as it can allow hackers to alter anything from sales numbers to intellectual property. By nature, data integrity breaches are often difficult to identify and in many cases, where this type of attack has occurred, we have yet to see the real impact,” said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto. In the event that the confidentiality, or privacy, of the data is breached, an organization must have controls, such as encryption, key management and user access management, in place to ensure that integrity of the data isn’t tampered with and it can still be trusted. Regardless of any concerns around manipulation, these controls would protect the data in situ and render it useless the moment it's stolen.”
Data Breaches by Type
Identity theft was the leading type of data breach, accounting for 69% of all incidents constituting 26% of breached data in 2017. The second most prevalent type of breach was access to financial data (16%). The number of lost, stolen or compromised records increased the most for nuisance type of data breaches (560%) which constituted 61% of all compromised data. Account access and existential type breaches decreased both in incidents and records from 2016.
Data Breaches by Industry
In 2017, the industries that experienced the largest number of data breach incidents were healthcare (27%), financial services (12%), education (11%) and government (11%). In terms of the amount of records lost, stolen or compromised, the most targeted sectors were government (18%), financial services (9.1%) and technology (16%).
Data Breaches by Source
Malicious outsiders were the leading source of data breaches, accounting for 72% of breaches, however making up only 23% of all compromised data. While accidental loss was the cause of 18% of data breaches, it accounted for 76% of all compromised records, an increase of 580% from 2016. Malicious insider breaches were 9% of the total number of incidents, however this breach source experienced a dramatic increase (117%) in the number of compromised or stolen records from 2016.
“Companies can mitigate the risks surrounding a breach through a ‘security by design’ approach, building in security protocols and architecture at the beginning,” said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto. “This will be especially important, considering in 2018 new government regulations like Europe’s General Data Protection Regulation (GDPR) and the Australian Privacy Act (APA) go into effect. These regulations require companies to adapt a new mindset towards security, protecting not only their sensitive data but the privacy of the customer data they store or manage.”
*The Breach Level Index is a global database that tracks data breaches and measures their severity based on multiple dimensions, including the number of records compromised, the type of data, the source of the breach, how the data was used, and whether or not the data was encrypted. By assigning a severity score to each breach, the Breach Level Index provides a comparative list of breaches, distinguishing data breaches that are a not serious versus those that are truly impactful (scores run 1-10).
Breach Level Index Resources:
- For a full summary of data breach incidents by industry, source, type and geographic region, download the 2017 Breach Le vel Index Re port
- Download the infographic
- Visit the BLI website here
- Register for the webinar- New Data Breach Findings: The Year of Internal Threats and Misplaced data
Gemalto (Euronext NL0000400653 GTO) is the global leader in digital security, with 2017 annual revenues of €3 billion and customers in over 180 countries. We bring trust to an increasingly connected world.
From secure software to biometrics and encryption, our technologies and services enable businesses and governments to authenticate identities and protect data so they stay safe and enable services in personal devices, connected objects, the cloud and in between.
Gemalto’s solutions are at the heart of modern life, from payment to enterprise security and the internet of things. We authenticate people, transactions and objects, encrypt data and create value for software – enabling our clients to deliver secure digital services for billions of individuals and things.
Our 15,000 employees operate out of 114 offices, 40 personalization and data centers, and 35 research and software development centers located in 47 countries.
Gemalto media contacts:
+1 512 257 3916
Europe Middle East & Africa
+33 4 42 36 57 38
+65 6317 3005
Om Business Wire
(c) 2018 Business Wire, Inc., All rights reserved.
Business Wire, a Berkshire Hathaway company, is the global leader in multiplatform press release distribution.
Følg saker fra Business Wire
Registrer deg med din epostadresse under for å få de nyeste sakene fra Business Wire på epost fortløpende. Du kan melde deg av når som helst.
Siste saker fra Business Wire
Elliott Statement on Proposal to Uniper21.3.2019 07:00:00 CET | Pressemelding
Elliott Advisors (UK) Limited (“Elliott”) has written to the Management Board of Uniper SE (the “Company” or “Uniper”), to formally request the convocation of an Extraordinary General Meeting (“EGM”) with the express purpose of instructing management to prepare a lawful domination agreement with the Company’s largest shareholder Fortum Oyj (“Fortum”). Elliott believes the thus far ill-defined and ambiguous nature of the relationship between Uniper and Fortum has created an unsatisfactory and unsustainable dynamic, which is detrimental to Uniper. In Elliott’s view, the status quo – operational underperformance and pervasive uncertainty – if sustained, will risk further undermining the Company’s fundamental value. Elliott believes a timely shareholder vote to advance a domination agreement may resolve the prolonged uncertainty at Uniper and clarify the relationship between the Company and Fortum, such that value can be created for the Company and all stakeholders. Elliott believes that F
Key UK SEP Patent Win for TQ Delta20.3.2019 19:03:00 CET | Pressemelding
TQ Delta LLC, a technology development and licensing firm, secured a judgment on March 18 by the High Court of Justice of England and Wales immediately enjoining ZyXEL Communications UK Ltd and its Danish parent company, ZyXEL Communications A/S, from further infringement of TQ Delta's European Patent (UK) 1 453 268. TQ Delta's patent relates to Digital Subscriber Line ("DSL") technology. In an earlier judgment, handed down on March 12, the Court found that the patent was valid and essential to the operation of ADSL2 and VDSL2. In that judgment, the Court held that the ZyXEL defendants have infringed and continue to infringe the patent. The Court also found that a second patent would have also been essential and infringed but was invalid. In its judgment earlier this week, the Court also found that the ZyXEL defendants were "holding out" against taking a licence to TQ Delta's portfolio of patents relating to DSL. It granted an immediate injunction and costs against the ZyXEL defendants
Lehman Brothers Treasury Announces the Successful Auction of a Portion of its Intercompany Claim against Lehman Brothers Holdings Inc.20.3.2019 18:15:00 CET | Pressemelding
In connection with its previously announced partial wind-down, Lehman Brothers Treasury Co. B.V. in liquidation (“LBT”), through its U.S. counsel Kramer Levin Naftalis & Frankel LLP, announced that its placement agent, Seaport Loan Products LLC, successfully concluded an auction of a US$10,475,844,413 portion of LBT’s US$34,548,000,000 intercompany claim (the “Intercompany Claim”) against Lehman Brothers Holdings Inc. for a total gross purchase price of US$179,472,166. The sale is expected to close during the first week of April 2019. The net proceeds of the sale (after deducting various sale-related costs and expenses), together with certain available cash, will be used to fund a final distribution to creditors of LBT who do not receive substitute notes as a result of LBT’s prior solicitation process. For more information on the partial wind-down, including information about the Intercompany Claim sale, the final cash distribution, and anticipated timelines, an Information Notice has
Susan Ochs Joins PSB as Global Head, Financial Services20.3.2019 17:34:00 CET | Pressemelding
PSB, a global research-based consultancy, announced today that Susan Ochs has joined the firm as Senior Vice President and Global Head, Financial Services, effective immediately. Ochs is based in New York and is responsible for the global development of the financial services practice and will contribute to other industry practices as well. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20190320005671/en/ Susan Ochs, SVP, Global Head, Financial Services, PSB (Photo: Business Wire) “We are proud of the amazing brands we currently partner with across the financial sector,” said Mike Chuter, CEO, PSB, to whom Ochs reports. “With Susan’s combination of private and public finance expertise we’ll be able to deliver even more meaningful insights to our current and future partners. We are delighted to welcome Susan and are excited about the deep experience she brings.” Ochs has more than two decades of experience across the financial
Corsair Infrastructure Partners Announces Long Term Investments by HarbourVest Partners20.3.2019 14:35:00 CET | Pressemelding
Corsair Infrastructure Partners (“CIP”), the global infrastructure investment business of Corsair Capital (“Corsair”), today announced that HarbourVest Partners (“HarbourVest”), a leading institutional investor active across multiple asset classes and geographies, has invested in three new CIP-managed funds established to deploy capital in the aviation, port, and road sectors. Earlier this year, CIP’s new funds closed on the acquisitions of shareholdings in three platform companies – the airport developer Vantage Airport Group, the Australian stevedore DP World Australia, and the Spanish toll-road operator Itínere Infraestructuras – from various selling shareholders including Gateway Infrastructure Investments, a legacy CIP-managed vehicle. The investments from HarbourVest come from a long-term pool of institutional capital dedicated to supporting infrastructure equity sponsors like CIP, and will play an important role in the execution of CIP’s growth strategies for all three platforms
Fishawack continues to build best-in-class service offering with Dudnyk acquisition20.3.2019 13:00:00 CET | Pressemelding
Fishawack, a leading independent healthcare communications specialist, is excited to announce its acquisition of Dudnyk, the Philadelphia-based healthcare communications agency. Dudnyk is an award-winning, full-service agency that specializes in creating insight-driven, authentic brand experiences that unite specialty physicians and their patients. They leverage strategic, scientific, and creative capabilities to serve clients in the biotech, pharmaceutical, and medical device industries. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20190320005204/en/ Dudnyk leadership team includes Christopher Tobias, PhD, President; Laurie Bartolomeo, EVP, Creative Director; Drew Desjardins, EVP, Chief Strategy Officer; Annemarie Armstrong, EVP, Director of Client Services; John Kemble, EVP, Creative Producer. (Photo: Business Wire) Fishawack’s goal is to increase the range of healthcare communications services that it can offer to commerc