This year is set to be the most damaging 12 months ever in terms of the number of data breaches and the amount of records compromised, a new study has forecast, which should emphasise to all businesses the importance of making cyber security a top priority.
According to the 2019 MidYear QuickView Data Breach Report from Risk Based Security, the first six months of 2019 have already seen 4.1 billion data records exposed through 3,813 breaches.
This marks a 54 per cent increase in the number of incidents compared with the same time last year and a 52 per cent rise in the number of compromised records.
However, this research can only look at reported breaches, so the true number may be even greater if companies have not discovered or disclose breaches – which can often take months or even years to be revealed.
Another notable finding of the report was that of these 4.1 billion stolen records, nearly 80 per cent – 3.2 billion – were lost in just eight breaches, highlighting the huge impact that large-scale incidents can have.
The largest individual breach involved Verifications.io, a marketing firm that verifies or approves email addresses for third-party customers, which disclosed the loss of at least 763 million records in March – though some reports put the true figure even higher at around two billion.
This incident exposed details including email addresses, phone numbers, addresses, dates of birth, social media account details, credit scoring and even mortgage data, and was traced to an unsecured, publicly-accessible database, indicating that hackers do not have to be sophisticated to gain access to valuable data.
Inga Goddijn, executive vice-president at Risk Based Security, said based on the first six months of 2019, it is “hard to be optimistic” about the prospects for the rest of the year.
“The number of breaches is up and the number of records exposed remains stubbornly high,” she continued. “Despite best efforts and awareness among business leaders and defenders, data breaches continue to take place at an alarming rate.”
The report found email addresses were the most commonly-exposed data, with this information lost in 70 per cent of incidents. This was followed by passwords (64 per cent), names (23 per cent), and Social Security and credit card numbers (both 11 per cent).