Over 27 billion records exposed in the first half of 2020
Although reports of data breaches are down 52 percent in the first half of this year, the number of records exposed over the same period has soared to 27 billion.
The latest Data Breach Report from Risk Based Security shows 2,037 publicly reported breaches from January to June, a 52 percent decrease compared to the first six months of 2019 and 19 percent below the same time period for 2018.
But at the same time the number of records exposed between January 1, 2020 and June 30, 2020 reached 27 billion, exceeding the total number of records exposed during the entirety of 2019 by more than 12 billion.
There have been 33 incidents that exposed more than 10 million records, with three exposing more than a billion. Compare this to the first half of 2015 when only six breaches exposed more than 10 million records.
"The striking differences between 2020 and prior years brings up many questions," says Inga Goddijn, executive vice president at Risk Based Security. "Why is the breach count low compared to prior years? What is driving the growth in the number of records exposed? And perhaps most importantly, is this a permanent change in the data breach landscape?"
As in previous reports, the main issue behind the number of records exposed is misconfigured databases and services. Four economic sectors (information, health care, finance and insurance, and public administration) account for more than half (52.5 percent) of reported breaches.
The number of payment card details exposed in the first six months of 2020 passed 90 million records. But there were even more Social Security / national identity numbers, financial account numbers, and dates of birth exposed during the same period.
"Misconfigured databases and services have been the key driver behind the growing number of records exposed," adds Goddijn. "When entire databases are left open and freely accessible, a considerable amount of data is put at risk. It is a small handful of these events in Q2 that are responsible for the explosion in the number of records exposed. In the second quarter of 2020, just two breaches alone were responsible for more than 18 billion of the 27 billion records put at risk."
You can get the full report from the Risk Based Security site.