US Data Breaches Surge 68% to All-Time High

Security

The volume of publicly reported data compromises in the US soared 68% year-on-year to a record high of 1862, according to new data from the Identity Theft Resource Center (ITRC).

The non-profit said the figure was 23% higher than the previous record, set in 2017.

The number of victims was down 5%, continuing a recent trend as threat actors focus their efforts on collecting specific data types rather than acquiring mass troves of data indiscriminately.

Ransomware continues to be a significant driver of the overall upward trend for breaches: data compromises related to these attacks have doubled in each of the past two years. Ransomware is on course to surpass phishing as the number one cause of breaches in 2022, the ITRC claimed.

Although the report covers leaked and breached data, compromises stemming from cyber-attacks were by far the most significant cause. In fact, there were more of these incidents in 2021 (1603) than there were data compromises in 2020 (1108).

The manufacturing and utilities sector reported the largest percentage increase in data compromises, up 217% over 2020. Every sector saw a rise in incidents bar the military vertical, where there were no publicly reported breaches.

Reporting is also becoming more opaque: the number of data breach notices that did not reveal the root cause of a compromise (607) grew by over 190% year-on-year in 2021.

The only positive from the report was that the number of data events involving sensitive information like Social Security numbers increased only slightly year-on-year. It nudged up from 80% to 83% over the period but is still well below the record high of 95% in 2017.

ITRC president and CEO Eva Velasquez argued that 2021 had seen a shift in the identity crime space.

“Too many people found themselves in between criminals and organizations that hold consumer information. We may look back at 2021 as the year when we moved from the era of identity theft to identity fraud,” she said.

“The number of breaches in 2021 was alarming. Many of the cyber-attacks committed were highly sophisticated and complex, requiring aggressive defenses to prevent them. If those defenses failed, too often we saw an inadequate level of transparency for consumers to protect themselves from identity fraud.”

Products You May Like

Articles You May Like

Separating the bee from the panda: CeranaKeeper making a beeline for Thailand
THN Cybersecurity Recap: Last Week’s Top Threats and Trends (September 23-29)
Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks
British Hacker Charged in the US For $3.75m Insider Trading Scheme
Cybersecurity Awareness Month needs a radical overhaul – it needs legislation

Leave a Reply

Your email address will not be published. Required fields are marked *