Data Breaches Up 40% in 2016
Data breaches in the United States hit an all-time high of 1,093 in 2016. A study, released by CyberScout and the Identity Theft Resource Center (ITRC), says this is a 40% increase from the 780 reported breaches in 2015.
The ITRC has been studying data breaches in five industry sectors since 2005, and in 2016, the business sector once again accounted for the most data breaches. There were a total of 494 attacks, 45.2% of the total breaches. The other sectors include the:
- Healthcare/medical industry with 377 incidents (34.5%)
- Education sector with 98 attacks (9%)
- Government/military with 72 incidents (6.6%)
- Banking/credit/financial sector with 52 reports (4.8%).
Not only did the report look at the industries under attack, it identified the leading “type of occurrence.” For the eighth consecutive year, hacking/skimming/phishing attacks were the leading cause of breaches. These occurrences accounted for 55.5% of all breaches, a 17.7% increase from 2015.
The business sector seemed to be the target of these attacks, as many of these occurrences resulted from CEO spear phishing efforts. In these types of attacks, cybercriminals send an employee an official-looking email that encourages them to click a link, which in turn gives hackers access to the employee’s corporate network. Sensitive business data, including state and federal tax filings, is then exposed. In 2017, the IRS has reported a 400% surge in these attacks, which has prompted industry and consumer alerts from the organization.
Other breaches include email/Internet information exposure (9.2%) and employee error, which includes negligence, improper disposal and loss (8.7%).
Social Security number hacks were also on the rise. Social Security numbers were exposed in 52% of all breaches, which represents an 8.2% increase. On the positive note, exposure of debit and credit card numbers is on the decline. Debit or credit cards were exposed in 13.1% of all attacks, which represents a 7.4% decrease.