A Decade of Data Breaches: Facts and Myths

A new report that analyzes 10 years of data breach information reveals that the disclosure of such breaches began to decline in 2014. There were less than 400 reported incidents that year, compared with more than 500 a year from 2010 through 2013.

However, this decline is not necessarily a positive indicator, according to Christopher Budd, threat communications manager with Trend Micro, the global cloud security company that issued the report, “Follow the Data: Dissecting Data Breaches and Debunking Myths.”

“It’s hard to determine if that is an anomaly or the start of a new trend,” Budd says.”2014 may have had few disclosures, but we had the Target, the Neiman Marcus and the Michaels breaches, for instance. In 2015, we have had several Blue Cross Blue Shields that already said they’ve been hit. We have OPM [U.S. Office of Personnel Management].

“While the total number of incidents may be dropping, it doesn’t mean that these are good. It may mean that we are looking at fewer worse incidents instead of many moderate incidents.”

Health Care Industry Is Attacked the Most

According to the report, which analyzed Privacy Rights Clearinghouse data breach records from 2005 to April 2015, hacking and malware was responsible for 25 percent of all data breach incidents over that time. Health care was the most impacted industry, followed by the government and retail sectors. Identify theft also occurred most frequently in the health care industry, at 29.8 percent, compared with retail at 15.9 percent and education at 10.9 percent.

“I would [compare] attacks like this [to] ants at a picnic,” Budd says. “The ants are going to go where the food is. When it comes to personal information, I would say that health information providers have the best store of information to target.” These organizations store social security numbers, addresses, dates of births and other types of personal information for individuals and entire families.

Trend Micro’s research also reveals that the average price of personally identifiable information (PII) dropped from approximately $4 per line in 2014 to $1 in 2015 in U.S. currency. Other information that has become much hotter in terms of market commodities includes various mobile phone operator accounts, which are selling in the U.S. at about $14 each, and information on eBay and PayPal accounts, which can fetch about $300 U.S. each, the analysis shows.

The report also reveals information about the likelihood of specific information being stolen, given that other data was already taken. For example, if someone’s financial data was stolen, there is a 73.33 percent probability that their PII was also taken. And if PII was taken, there’s a 21.8 percent probability that financial data was taken. Budd says this type of information could be valuable in alerting companies and individuals about other areas to be aware of in terms of breaches.

 

Picture of Maggie O'Neill

Maggie O'Neill

TRENDING AROUND THE WEB

10 lessons 99 percent of people learn a bit too late in life, according to psychology

10 lessons 99 percent of people learn a bit too late in life, according to psychology

The Blog Herald

If you want your family to be proud of you as you get older, say goodbye to these 8 behaviors

If you want your family to be proud of you as you get older, say goodbye to these 8 behaviors

Global English Editing

7 signs a man is highly attracted to you but trying to play it cool

7 signs a man is highly attracted to you but trying to play it cool

Personal Branding Blog

Self-confident men who have nothing to prove often display these 9 behaviors

Self-confident men who have nothing to prove often display these 9 behaviors

Small Business Bonfire

Populism’s resurgence: Why Trump’s victory reveals a flaw in us all

Populism’s resurgence: Why Trump’s victory reveals a flaw in us all

The Vessel

Stop Feeling Stuck: 8 Essential Steps to Create a Life You Love Starting Today

Stop Feeling Stuck: 8 Essential Steps to Create a Life You Love Starting Today

Jeanette Brown