Malicious outsider data breaches rise nearly 300% in 2016
Cyber attackers launched 1,792 data breaches in 2016, which led to almost 1.4 billion data records being compromised worldwide, according to the newly released Breach Level Index (BLI) report from security provider Gemalto.
Identity theft was the leading type of data breach last year, accounting for 59 percent of all data breaches, the report said. More than half of the organizations hit with data breaches (52 percent) in 2016 did not disclose the number of compromised records at the time they were reported.
The BLI is a global database that tracks data breaches and measures their severity based on multiple factors such as the number of records compromised, type of data, source of the breach, how the data was used, and whether or not the data was encrypted.
By assigning a severity score to each breach, the BLI provides a comparative list of breaches, distinguishing data breaches that are not serious from those that are truly impactful, Gemalto said. According to the BLI, more than 7 billion data records have been exposed since 2013, when the index began benchmarking publicly disclosed data breaches. That amounts to more than 3 million records compromised every day.
In 2016, the top 10 breaches in terms of severity accounted for more than half of all compromised records. Identity theft was the cause of 59 percent of all data breaches, up 5 percent from 2015. The second most prevalent type of breach in 2016 was account access based breaches. While the incidence of this type of data breach decreased by 3%, it made up 54 percent of all breached records. That’s an increase of 336 percent from the previous year.
This highlights the cybercriminal trend from financial information attacks to bigger databases with large volumes of personally identifiable information, the report said.
Malicious outsiders were the leading source of data breaches, accounting for 68 percent of the attacks, up from 13 percent in 2015. The number of records breached in malicious outsider attacks increased by 286 percent from 2015.
"The Breach Level Index highlights four major cybercriminal trends over the past year. Hackers are casting a wider net and are using easily attainable account and identity information as a starting point for high value targets. Clearly, fraudsters are also shifting from attacks targeted at financial organizations to infiltrating large data bases such as entertainment and social media sites. Lastly, fraudsters have been using encryption to make breached data unreadable, then hold it for ransom and decrypting once they are paid," said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto.