More than 6 billion records were exposed as as result of the 2,227 data breaches that were reported in the first six months of 2017, according to a new report from Risk Based Security.
The number of publicly disclosed data compromise events through June 30 remained in line with the number of breaches disclosed mid-way through 2015 and 2016, but the total number of records exposed surpassed 2016’s year-end high mark.
The top 10 data breaches exposed 5.6 billion of the 6 billion records compromised, and had an average severity score of 9.82 out of 10.0, Risk Based Security’s report (PDF) reveals.
The United States registered by far the largest number of data breaches at 1,367, followed by the United Kingdom at 104, Canada at 59, India at 52, and Australia at 34. Overall, North America accounted for 64.2% of the breaches reported in the first half of 2017, while breaches involving U.S. entities accounted for 61% of incidents and 30% of the records compromised.
Although only 22 breaches happened in the country, China accounted for 48.83% of the records exposed (or 3,822,024,257), followed by the United States with 47.86% of them (or 3,746,193,334). India landed on the third position with 2.29% of the exposed records (or 179,055,018).
Hacking accounted for the largest number of incidents (927), followed by skimming (272) and phishing (253). Web (inadvertent online disclosure) accounted for 68.1% of the records exposed, while hacking only for 30.8% of them. Stolen computer compromise landed on the third position (0.9%) after a 55.1 million voter records were exposed following the theft of a computer from the COMELEC (Philippines Election Commission) offices.
Names were exposed the most following data breaches (40.6% of incidents), followed by email addresses (33.2% breaches), physical addresses (30.4%), passwords (28.0%), and Social Security numbers (26.1%). The percentage of incidents impacting Social Security numbers increased from 17.6% in 2016 to 26.1% in 2017, while that of breaches impacting Names increased from 36.1% to 40.6%.
While most incidents were the result of outside compromise (1,794), there was an increase in the number of breaches that resulted from insider activity compared to first quarter of the year: 16.0% vs 12.1%. Furthermore, insider activity accounted for most exposed records, as a single insider incident exposed over 2 billion records.
The business sector was hit the most by data breaches during the first half of the year: organizations in this sector accounted for 56.5% of the breaches impacting data belonging to customers, clients or other 3rd parties (three of the largest breaches in the first half of 2017 impacted 3rd parties). The business sector accounted for 93% of the total records exposed.
According to Risk Based Security’s report, there was a 25% increase in the number of incidents targeting tax data, in the form of successful phishing attacks compromising W-2 data. However, as soon as the tax season ended, the number of phishing attacks declined. One incident involving Job Link Alliance resulted in the compromise of approximately 5.5 million job seekers’ names, addresses, dates of birth, and Social Security numbers.
The top severity breaches impacted DU Caller Group (2,000,000,000 user phone numbers, names and addresses exposed), NetEase, Inc. (hackers stole 1,221,893,767 email addresses and passwords), River City Media, LLC (1,374,159,612 names, addresses, IP addresses, and email addresses, and an undisclosed number of financial documents, chat logs, and backups exposed), and Deep Root Analytics (198,000,000 voter names, addresses, dates of birth, phone numbers, political party affiliations, and other demographic information).
Other high profile breaches impacted Edmodo (77,000,000 user email addresses, usernames, and bcrypt hashed passwords with salts stolen), EmailCar (267,693,854 email addresses and phone numbers exposed), Tencent Holdings Ltd (129,696,449 email addresses and passwords stolen), National Social Assistance Programme in India (135,000,000 Aadhaar numbers and 100,000,000 linked bank account numbers, as well as names, caste, religion, addresses, phone numbers, photographs, and assorted financial details leaked), Youku (91,890,110 user accounts with usernames, email addresses and MD5 encrypted passwords stolen), and Yahoo Japan (23,590,165 email addresses and passwords stolen).
“It is stunning to see the steady increase in the number of breaches impacting one million or more records. In the first six months of 2013, 2014 and 2015, the number of these large breaches hovered in the mid tens. Last year we saw that number jump to 28, and now, for the first six months of this year, we’re tracking 50 such incidents. Even more striking, in Q1 we had a new single largest breach disclosed, only to be replaced by yet another all-time largest breach in Q2,” Inga Goddijn, Executive Vice President for Risk Based Security, said.