Business Wire

More than 2.5 billion records stolen or compromised in 2017

Del

Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, today released the latest findings of the Breach Level Index, revealing that 2.6 billion records were stolen, lost or exposed worldwide in 2017, an 88% increase from 2016. While data breach incidents decreased by 11%, 2017 was the first year publicly disclosed breaches surpassed more than two billion compromised data records since the Breach Level Index began tracking data breaches in 2013.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20180410006200/en/

Chart of Number of Breach Incidents by Type and Source (Photo: Gemalto)

Chart of Number of Breach Incidents by Type and Source (Photo: Gemalto)

To learn more about the 2017 statistics and trends, register for the upcoming webinar “New Data Breach Findings: The Year of Internal Threats and Misplaced data”

Over the past five years, nearly 10 billion records have been lost, stolen or exposed, with an average of five million records compromised every day. Of the 1,765 data breach incidents in 2017, identity theft represented the leading type of data breach, accounting for 69% of all data breaches. Malicious outsiders remained the number one cybersecurity threat last year at 72% of all breach incidents. Companies in the healthcare, financial services and retail sectors were the primary targets for breaches last year. However, government and educational institutions were not immune to cyber risks in 2017, making up 22% of all breaches.

The Breach Level Index* serves as a global database that tracks and analyzes data breaches, the type of data compromised and how it was accessed, lost or stolen. Based on data breach reports collected in the Breach Level Index, the major 2017 highlights include:

  • Human error a major risk management and security issue: Accidental loss, consisting of improper disposal of records, misconfigured databases and other unintended security issues, caused 1.9 billion records to be exposed. A dramatic 580% increase in the number of compromised records from 2016.
  • Identity theft is still the number one type of data breach: Identity theft was 69% of all data breach incidents. Over 600 million records were impacted resulting in a 73% increase from 2016.
  • Internal threats are increasing: The number of malicious insider incidents decreased slightly. However, the amount of records stolen increased to 30 million, a 117% increase from 2016.
  • What a nuisance: The number of records breached in nuisance type attacks increased by 560% from 2016. The Breach Level Index defines a data breach as a nuisance when the compromised data includes basic information such as name, address and/or phone number. The larger ramification of this type of breach is often unknown, as hackers use this data to orchestrate other attacks.

"The manipulation of data or data integrity attacks pose an arguably more unknown threat for organizations to combat than simple data theft, as it can allow hackers to alter anything from sales numbers to intellectual property. By nature, data integrity breaches are often difficult to identify and in many cases, where this type of attack has occurred, we have yet to see the real impact,” said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto. In the event that the confidentiality, or privacy, of the data is breached, an organization must have controls, such as encryption, key management and user access management, in place to ensure that integrity of the data isn’t tampered with and it can still be trusted. Regardless of any concerns around manipulation, these controls would protect the data in situ and render it useless the moment it's stolen.”

Data Breaches by Type
Identity theft was the leading type of data breach, accounting for 69% of all incidents constituting 26% of breached data in 2017. The second most prevalent type of breach was access to financial data (16%). The number of lost, stolen or compromised records increased the most for nuisance type of data breaches (560%) which constituted 61% of all compromised data. Account access and existential type breaches decreased both in incidents and records from 2016.

Data Breaches by Industry
In 2017, the industries that experienced the largest number of data breach incidents were healthcare (27%), financial services (12%), education (11%) and government (11%). In terms of the amount of records lost, stolen or compromised, the most targeted sectors were government (18%), financial services (9.1%) and technology (16%).

Data Breaches by Source
Malicious outsiders were the leading source of data breaches, accounting for 72% of breaches, however making up only 23% of all compromised data. While accidental loss was the cause of 18% of data breaches, it accounted for 76% of all compromised records, an increase of 580% from 2016. Malicious insider breaches were 9% of the total number of incidents, however this breach source experienced a dramatic increase (117%) in the number of compromised or stolen records from 2016.

“Companies can mitigate the risks surrounding a breach through a ‘security by design’ approach, building in security protocols and architecture at the beginning,” said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto. “This will be especially important, considering in 2018 new government regulations like Europe’s General Data Protection Regulation (GDPR) and the Australian Privacy Act (APA) go into effect. These regulations require companies to adapt a new mindset towards security, protecting not only their sensitive data but the privacy of the customer data they store or manage.”

*The Breach Level Index is a global database that tracks data breaches and measures their severity based on multiple dimensions, including the number of records compromised, the type of data, the source of the breach, how the data was used, and whether or not the data was encrypted. By assigning a severity score to each breach, the Breach Level Index provides a comparative list of breaches, distinguishing data breaches that are a not serious versus those that are truly impactful (scores run 1-10).

Breach Level Index Resources:

About Gemalto

Gemalto (Euronext NL0000400653 GTO) is the global leader in digital security, with 2017 annual revenues of €3 billion and customers in over 180 countries. We bring trust to an increasingly connected world.

From secure software to biometrics and encryption, our technologies and services enable businesses and governments to authenticate identities and protect data so they stay safe and enable services in personal devices, connected objects, the cloud and in between.

Gemalto’s solutions are at the heart of modern life, from payment to enterprise security and the internet of things. We authenticate people, transactions and objects, encrypt data and create value for software – enabling our clients to deliver secure digital services for billions of individuals and things.

Our 15,000 employees operate out of 114 offices, 40 personalization and data centers, and 35 research and software development centers located in 47 countries.

For more information visit www.gemalto.com, or follow @gemalto on Twitter.

Contact information

Gemalto media contacts:
Tauri Cox
North America
+1 512 257 3916
tauri.cox@gemalto.com
or
Sophie Dombres
Europe Middle East & Africa
+33 4 42 36 57 38
sophie.dombres@gemalto.com
or
Jaslin Huang
Asia Pacific
+65 6317 3005
jaslin.huang@gemalto.com
or
Enriqueta Sedano
Latin America
+52 5521221422
enriqueta.sedano@gemalto.com

Om Business Wire

Business Wire
Business Wire
24 Martin Lane
EC4R 0DR London

+44 20 7626 1982http://www.businesswire.co.uk

(c) 2018 Business Wire, Inc., All rights reserved.

Business Wire, a Berkshire Hathaway company, is the global leader in multiplatform press release distribution.

Følg saker fra Business Wire

Registrer deg med din epostadresse under for å få de nyeste sakene fra Business Wire på epost fortløpende. Du kan melde deg av når som helst.

Siste saker fra Business Wire

Koza Altin Welcomes Court’s Rejection of Akin Ipek’s Share Purchase Agreement13.7.2018 15:58Pressemelding

A Turkish Court has found against businessman Akin Ipek this week – ruling that a share purchase agreement, which he had submitted as vital evidence in support of his case against the Turkish state, is null and void. The matter was brought to the Ankara Commercial Court in March 2017 by Koza Holding (parent company of Koza Altin) which, according to Mr Ipek’s share purchase agreement, purportedly transferred all of its shares to Ipek Investment Limited. Koza Holding filed the lawsuit for legal recognition that the share purchase agreement is void. The ruling in Turkey follows on from an earlier judgment set down by the English High Court, which rejected Mr Ipek’s attempt to use up to £3m of UK subsidiary Koza Ltd’s money to fund a claim against the Turkish State at the International Centre for Settlement of Investment Disputes (ICSID). In the English ruling, Deputy Judge Richard Spearman QC declared the “authenticity” of the share purchase agreement as “open to very serious doubt”. The

Mindbreeze Positioned in the Leaders Quadrant of the Gartner’s 2018 Magic Quadrant for Insight Engines13.7.2018 15:27Pressemelding

Mindbreeze, a leading global provider of appliances and cloud services for information insight and applied artificial intelligence with a focus on knowledge management for leading international companies, announced today that Gartner, Inc. has positioned Mindbreeze in the Leaders quadrant of the 2018 Magic Quadrant for Insight Engines. Mindbreeze is positioned highest on the ability to execute axis. The research and advisory firm Gartner, Inc. evaluated 13 different providers from all over the world. “Understanding the meaning of information is a key priority for today’s customers. Mindbreeze InSpire leverages the full power of our sophisticated AI engine to provide actionable insights and answers ̶ not just more data. Seeing our position in the Magic Quadrant, my first reaction was ‘AWESOME’. Insight Engine was positioned the highest on the ability to execute axis and we believe that's exactly what sets us apart from our competitors. We made the bold move to focus on product innovatio

H.I.G. Capital Announces the Sale of Kondor13.7.2018 14:06Pressemelding

H.I.G. Capital (“H.I.G.”), a leading global private equity investment firm with more than €20 billion of equity capital under management, announced today that one of its affiliates has sold Kondor Limited, a specialist provider of category management solutions for audio and mobile accessory products into the retail and mobile network channels in the UK and Europe, to DCC Technology (which principally trades under the Exertis brand), part of DCC plc, the leading international sales, marketing and support services group. Terms of the transaction were not disclosed. Headquartered in Dorset, England, Kondor distributes audio and mobile accessory products to a broad range of e-tail, retail and mobile operator customers. H.I.G. invested in Kondor in 2014, and has since overseen a full reorganisation of the business. H.I.G. worked in partnership with Kondor to professionalise back office systems, develop Kondor’s access to market data, optimise the company’s product range, improve stock manag

Contactless Technology Powers Fifty Percent of Purchases at 2018 FIFA World Cup Russia™13.7.2018 09:00Pressemelding

Visa (NYSE: V), the Official Payment Services Partner of FIFA, today released an analysis of spending inside the 2018 FIFA World Cup Russia™ stadiums from the opening match on June 14 through the semi-finals on July 11. The data highlights the increased consumer adoption of innovative payment technology, as fifty percent of purchases with Visa in tournament venues utilized contactless transactions, including cards, mobile devices and wearables. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20180713005025/en/ For the 2018 FIFA World Cup Russia™, Visa is the exclusive payment service in all stadiums where payment cards are accepted. In-stadium, fans can pay with contactless Visa credit and debit cards and mobile payment services at the more than 3,500 point-of-sale terminals and 1,000 mobile concessionaires that have been equipped with the latest in payment innovation. (Photo: Business Wire) Visa cardholders on average spent 1,

Brazil Approves AerSafe for Airbus 321 Aircraft to Comply with Fuel Tank Flammability Reduction Rule12.7.2018 19:18Pressemelding

AerSale ® announced today that the National Civil Aviation Agency of Brazil (ANAC) has approved the Federal Aviation Administration’s (FAA’s) Supplemental Type Certificate (STC) for the company’s AerSafe™ system on Airbus 321 aircraft (ST04010NY), that complies with the Fuel Tank Flammability Reduction (FTFR) rule. This is the second ANAC STC approval for AerSafe, following approval on Boeing 737 CL aircraft in 2017. In the coming months, AerSafe will be expanded to cover additional aircraft types, to meet the September 2019 deadline of the ANAC regulation, Regulamento Brasileiro da Avaiação Civil (RBAC) nº 121.1117, that applies specifically to passenger aircraft that fly within or into Brazil. AerSale’s STCs for the Boeing 737 CL and NG series (ST02980NY) and Boeing 767 series (ST03599NY) have already been approved by the FAA. “We are pleased that our Latin American customers operating A320 family aircraft are now able to immediately benefit from AerSafe’s numerous advantages,” said

Blockchain-based Adents NovaTrack Issues Token to Standardize Access to Comprehensive Supply Chain Traceability12.7.2018 18:20Pressemelding

Adents, leading serialization and track & trace solutions provider, announces the issue of tokens that, combined with its NovaTrack platform, will standardize access to full supply chain traceability. Adents recently released Adents NovaTrack, a marriage of technologies co-developed with Microsoft. The solution utilizes Blockchain, A.I., IoT and serialization functionalities that, when combined, bring comprehensive visibility throughout product distribution chains & life cycles. The result is a solution highly mindful not only in terms of performance and security, but also governance and scalability. With NovaTrack, Adents aims to create an ecosystem of consortium-based blockchains independent from each other, and individually launched on-demand by various supply chain stakeholders (brands, manufacturers, logistics professionals, etc.). Each consortium-based blockchain will provide a secure environment to its participants to share supply chain data and processes. From brands, manufactu