Publicly disclosed breaches are down 58 percent
The total number of publicly reported breaches in Q1 2020 has decreased by 58 percent compared to the same period last year according to a new report from Risk Based Security.
Despite the number of breaches being down though, the number of records exposed for this quarter soared to 8.4 billion -- a 273 percent increase compared to Q1 2019, and a record for the same period since at least 2005, when detailed reporting began.
"Although the total number of publicly disclosed breaches in Q1 2020 dropped dramatically compared to 2019, this should not be interpreted as a decline in breach activity," says Inga Goddijn, executive vice president at Risk Based Security. "We observed two factors driving this change. First, a large number of illicit data leaks and dumps were identified in early 2019, resulting in a temporary spike in activity. Similar spikes had been captured in the fall of 2018 and 2017, but this trend was absent from the start of 2020. The second factor is the disruption triggered by COVID-19. As the virus spread, so did a decline in breach disclosures. The turmoil that the pandemic has brought has created a unique opportunity for malicious actors and a stressful environment primed for mistakes. Once the dust settles, we anticipate the number of reported breaches will be on par with, if not exceed, 2019."
The increase in records compromised has been driven largely by one breach -- a misconfigured ElasticSearch cluster that exposed some 5.1 billion records. Even on figures adjusted for this incident, however, the number of records exposed still increased 48 percent compared to the first quarter of 2019. On average, hacking exposed approximately 850,000 records per breach and most breaches originated from outside the organization.
The full report covers data breaches reported between January 1, 2020 and March 31, 2020.
Image credit: Den Rise / Shutterstock