The number of cyber security breaches disclosed in the first three months of the year fell to 686, compared to 1,444 breaches reported in the first quarter of 2017.
This was according to Risk Based Security, which has released the results of its Q1 2018 Data Breach QuickView Report.
The report found that the number of data records compromised in the quarter remained high, with over 1.4 billion exposed.
In addition, it found that in Q1 last year there were over 200 instances of phishing for employee data. However, by the end of April 2018, that activity had fallen to just over 30 reported events.
According to Risk Based Security, shifting tactics has played a part in the drop in breaches. Crypto-mining malware and cryptojacking has been a threat since early 2017. However, the rapid increase in the value of cryptocurrencies that occurred in January drove a rapid expansion into the theft of computing resources, the company said.
Inga Goddijn, executive vice president at Risk Based Security, said: “While there is no direct data linking the rise of crypto-miners to a reduction in data breach activity, there are tantalising bits of evidence that lead us to believe there is some level of relationship at play here.”
The report found that the top five breach types dominating recent reports – hacking, skimming, inadvertent disclosure on the Internet, phishing and malware – all remained the top breach types into 2018.
Meanwhile, Risk Based Security said the average number of days between the discovery of a breach and its public disclosure has been “steadily declining from year to year”. However, the firm said that at an average of 37.9 days, work still needs to be done to meet the obligation to report breaches within 72 hours of detection.
Share This Post, Choose Your Platform!
With over 20 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.