Not all data breaches are created equal
1,673 data breaches led to 707 million data records being compromised worldwide during 2015, according to Gemalto’s Breach Level Index (BLI).
The BLI is a global database that tracks data breaches and measures their severity based on multiple dimensions, including the type of data and the number of records compromised, the source of the breach, and whether or not the data was encrypted. By assigning a severity score to each breach, the Breach Level Index provides a comparative list of breaches, distinguishing nuisances from truly impactful mega breaches.
Extensive compromise
According to the BLI, more than 3.6 billion data records have been exposed since 2013, when the index began benchmarking publicly disclosed data breaches. In 2015, malicious outsiders were the leading source of these breaches, accounting for 964 breaches, or 58% of the total, and 38% of compromised records. Identity theft remained the primary type of breach, accounting for 53% of data breaches and 40% of all compromised records.
“In 2014, consumers may have been concerned about having their credit card numbers stolen, but there are built-in protections to limit the financial risks,” said Jason Hart, VP and CTO for Data Protection at Gemalto. “However, in 2015 criminals shifted to attacks on personal information and identity theft, which are much harder to remediate once they are stolen. As companies and devices collect ever-increasing amounts of customer information and as consumers’ online digital activities become more diverse and prolific, more data about what they do, who they are and what they like is at risk to be stolen from the companies that store their data. If consumers’ entire personal data and identities are being co-opted again and again by cyber thieves, trust will increasingly become the centerpiece in the calculus of which companies they do business with.”
Data breaches and the impact across industries
Across industries, the government sector accounted for 16% of all data breaches and 43% of compromised data records, the latter up 476% from 2014 due to several very large data breaches in the United States and Turkey.
The healthcare sector accounted for 19% of total records compromised and 23% of all data breaches. The retail sector saw a major drop (93%) in the number of stolen data records compared to the same period last year, accounting for just 6% of stolen records and 10% of the total number of breaches in 2015. The financial services sector also saw a nearly 99% drop, representing just 0.1% of compromised data records and 15% of the total number of breaches.
While malicious outsiders accounted for the largest percentage of data breach incidents (58%), accidental loss or exposure of data records accounted for 36% of all records. State-sponsored attacks accounted for 2% of data breach incidents, but the records compromised as a result of those attacks totaled 15% of all records exposed. Malicious insiders accounted for 14% of all data breaches and just 7% of compromised records.
In terms of geographic regions, 77% of all data breach incidents occurred in North America, with the United States accounting for 59% of all compromised records. Europe accounted for 12% of overall breach incidents, followed by the Asia Pacific region at 8%.
Not all data breaches are created equal
“It is important to keep in mind that not all breaches are equal in terms of the level of severity and damage that they can bring for companies and their customers,” added Hart. “Even if a breach occurs, it can be a secure breach if the right security technologies, such as encryption, are properly in place to protect the most important and sensitive data. Unfortunately, this year there were several major breaches involving personal data and identities that were not encrypted when they should have been.
“The Breach Level Index is designed to serve as a guide for security professionals as they navigate the widening threat landscape. It provides CIOs and CSOs with the data they need to better classify breaches, conduct internal risk assessment and planning, and most importantly employ the right security technologies to help ensure that if a breach were to occur their high value and most sensitive data would not be compromised,” concluded Hart.