Governments show highest number of data breaches

Read time 3min 50sec
In 2015 malicious outsiders were the leading sources of data breaches, according to 
In 2015 malicious outsiders were the leading sources of data breaches, according to Gemalto.

Around 1 673 data breaches led to 707 million data records being compromised worldwide during 2015.

This is according to the latest findings of the Breach Level Index (BLI) released by digital security company Gemalto, yesterday.

According to the Index, more than 3.6 billion data records have been exposed globally since 2013. Further findings revealed in 2015 malicious outsiders were the leading source of these breaches, accounting for 964, or 58% of breaches and 38% of compromised records.

Identity theft remained the primary type of breach, accounting for 53% of data breaches and 40% of all compromised records.

Jason Hart, vice president and chief technology officer for Data Protection at Gemalto,
says in 2014, consumers we more concerned about having their credit card numbers stolen, but there are built-in protections to limit the financial risks.

"However, in 2015 criminals shifted to attacks on personal information and identity theft, which is much harder to remediate once they are stolen.

"If consumers' entire personal data and identities are being co-opted again and again by cyber thieves, trust will increasingly become the centrepiece in the calculus of which companies consumers do business with," explained Hart.

He adds as companies and devices collect ever-increasing amounts of customer information and as consumers' online digital activities become more diverse and prolific, more data about what they do, who they are and what they like is at risk to be stolen from the companies that store their data.

Gemalto says the Breach Level Index is a global database that tracks data breaches globally and measures their severity based on multiple dimensions, including the type of data and the number of records compromised.

The BLI further revealed across industries, the government sector accounted for 43% of compromised data records, up 476% from 2014 due to several very large data breaches in the US and Turkey.

The healthcare sector accounted for 19% of total records compromised and 23% of all data breaches. The retail sector saw a major drop (93%) in the number of stolen data records compared to the same period last year, accounting for just 6% of stolen records and 10% of the total number of breaches in 2015.

The financial services sector also saw a nearly 99% drop, representing just 0.1% of compromised data records and 15% of the total number of breaches.

While malicious outsiders accounted for the largest percentage of data breach incidents (58%), accidental loss or exposure of data records accounted for 36% of all records according to the BLI.

The number of state-sponsored attacks accounted for 2% of data breach incidents, but the number of records compromised as a result of those attacks totalled 15% of all records exposed.

In terms of geographic regions, 77% of all data breach incidents occurred in North America, with 59% of all compromised records happening in the US. Europe accounted for 12% of overall breach incidents, followed by the Asia Pacific region at 8%.

However the Verizon data breach report indicated a different set of statistics, the report found there were 79 790 security incidents in 2015 and 2 122 confirmed data breaches which took place in 61 countries globally.

The Verizon data breach further revealed the public sector accounted for most of the breaches with the number of recorded data losses totalling 303. It further found in the financial sector 271 breaches took place and the healthcare sector saw 141 breaches in 2015.

"Data breaches impact more than the bottom line, in additional to direct financial loss, the impact to an organisation's reputation and trust can be irreparable," said Peter Hunter, territory manager, SA and Africa at SailPoint Technologies.

Speaking at the IT Web's Governance, Risk and Compliance 2016 Summit two weeks ago, Hunter noted 2015 as the year of the realisation that the world has changed and IT security as we know it had to change too.

However, he warned that although network security will help keep the bad guys out, this was not enough.

See also