Subscribe

Billions of data breaches in 2017: report

Regina Pazvakavambwa
By Regina Pazvakavambwa, ITWeb portals journalist.
Johannesburg, 16 Apr 2018
Over the past five years, nearly 10 billion records have been lost, stolen or exposed, says Gelmato.
Over the past five years, nearly 10 billion records have been lost, stolen or exposed, says Gelmato.

A lack of proper safeguards and training in the form of accidental data loss produced billions of data breaches in 2017, according to Gelmato Breach Level Index report.

The Breach Level Index serves as a global database that tracks and analyses data breaches, the type of data compromised and how it was accessed, lost or stolen.

The report revealed that more than 2.5 billion records were stolen, lost or exposed worldwide in 2017, an 88% increase from 2016. While data breach incidents decreased by 11%, 2017 was the first year publicly disclosed breaches surpassed more than 2 billion compromised data records since the Breach Level Index began tracking data breaches in 2013, says the study.

Over the past five years, nearly 10 billion records have been lost, stolen or exposed, with an average of five million records compromised every day, says Gelmato. Of the 1 765 data breach incidents in 2017, identity theft represented the leading type of data breach, accounting for 69% of all data breaches, says the report.

Malicious outsiders remained the number one cyber security threat last year at 72% of all breach incidents, it notes. Companies in the healthcare, financial services and retail sectors were the primary targets for breaches last year, says Gelmato. However, government and educational institutions were not immune to cyber risks in 2017, making up 22% of all breaches, it adds.

"The manipulation of data or data integrity attacks poses an arguably more unknown threat for organisations to combat than simple data theft, as it can allow hackers to alter anything from sales numbers to intellectual property. By nature, data integrity breaches are often difficult to identify and in many cases, where this type of attack has occurred, we have yet to see the real impact, says Jason Hart, vice president and chief technology officer for Data Protection at Gemalto.

"In the event that the confidentiality, or privacy, of the data is breached, an organisation must have controls, such as encryption, key management and user access management, in place to ensure that integrity of the data isn't tampered with and it can still be trusted. Regardless of any concerns around manipulation, these controls would protect the data in situ and render it useless the moment it's stolen."

According to a report by the Ponemon Institute, South African organisations are more exposed to data breach incidents than their counterparts across the globe, having scored the highest probability of experiencing a data breach in the next 24 months.

Meanwhile, Verizon 2018 Data Breach Investigations Report, says more than one in four attacks suffered by organisations over the past year were carried out by insiders, driven largely by financial gain, simple errors, misuse or espionage. The report is based on the analysis of thousands of real-world incidents across 65 countries numbering over 53 000 this year, including 2 216 confirmed data breaches.

However, some industries fared worse than others. In healthcare, a whopping 56% of incidents were as a result of insiders, 35% of them human error and 24% misuse. According to Verizon, healthcare is the only industry where the threat from inside is greater than that from outside, adding that staff are abusing their access to systems or data.

In addition, businesses in the EMEA region are taking on average 175 days to detect a threat lurking on their networks, significantly longer than 102 days dwell time - or the number of days from first evidence of compromise that an attacker is present on a victim's network before detection - that the region reported the year before, says FireEye company Mandiant's 'M-Trends 2018' report.

Globally however, when it comes to detecting that a compromise has taken place, not much has changed, with the report indicating that median dwell time of 101 days is pretty much unchanged from 2017's report of 99 days, it adds.

Breaches with an unknown number of records increased from 936 to just 987, which demonstrates how hard it is to get an accurate picture of the number of data records and accounts that are compromised every year, says Gelmato.

Share