Data breaches up by 40 percent in 2016
The last year has seen fewer of the large scale breaches that made the headlines in 2014 and 2015, but that doesn’t mean the problem has gone away.
The leading cause of data breach incidents was hacking/skimming/phishing attacks, accounting for 55.5 percent of the overall number of breaches, an increase of 17.7 percent over 2015 figures. This type of attack also accounted for 72 percent of breached records. Breaches involving accidental email/internet exposure of information were the second most common type of incident at 9.2 percent of the overall number of breaches followed by employee error at 8.7 percent.
Social security numbers were exposed by 52 percent of breaches, an 8.2 percent increase, but only 13 percent involved credit and debit card details -- a drop of 7.4 percent over the previous year.
The business sector accounted for 45.2 percent of the overall number of breaches, followed by the healthcare/medical industry (34.5 percent), education (nine percent), government (6.6 percent), and banking and finance (4.8 percent).
"For businesses of all sizes, data breaches hit close to home, thanks to a significant rise in CEO spear phishing and ransomware attacks," says Matt Cullina, CEO of CyberScout and vice chair of ITRC's board of Directors. "With the click of a mouse by a naïve employee, companies lose control over their customer, employee and business data. In an age of an unprecedented threat, business leaders need to mitigate risk by developing C-suite strategies and plans for data breach prevention, protection and resolution."
More information on the findings is available on the ITRC website.