RICHMOND, Va. – This week, Risk Based Security released its Mid-Year 2018 Data Breach QuickView report that shows there have been 2,308 publicly disclosed data compromise events through June, resulting in more than 2.6 billion records exposed. After a surprising drop in the number of reported data breaches in first quarter, breach activity appears to be returning to a more “normal” pace. At the midyear point, 2018 closely mirrors 2016’s breach experience but still trails the high-water mark set in 2017.
Compared to the midyear point in 2017, the number of reported breaches is down from 2,439 breaches, and the number of exposed records is down from 6 billion. The number of disclosed instances targeting employee W-2 forms remained low, with 42 such breaches reported through Q2 2018 compared to 239 for the same time period in 2017.
The business sector accounted for 40% of reported breaches, followed by medical (8.3%), government (8.2%) and education (4.5%). Nearly 40% of breached organizations could not be definitively classified. Five breaches exposed 100 million or more records, accounting for approximately 2 billion of the 2.6 billion total exposed records.
Fraud remains in the top spot for the breach type compromising the most records, accounting for 47.5% of exposed records, while hacking takes the lead in number of incidents, accounting for 54.6% of reported breaches.
“After the wild ride of 2017, we became accustomed to seeing a lot of breaches, exposing extraordinary amounts of information,” said Inga Goddijn, executive vice president for Risk Based Security, in a press release. “2018 is remarkable in that the number of public disclosed breaches appears to be leveling off while the number of records exposed remains stubbornly high. It’s not easy to characterize 2.6 billion records exposed as an improvement, even if it is less than the 6 billion exposed at this time last year.”
An education session at the NACS Show —“Tech Edge: Data, Network and Payments Security”— features industry experts who will help you identify potential vulnerabilities in data, network and payment security at your sites and help you choose the right technology and equipment to implement a layered security solution. Register today!