2013 Exposed Records Sets the Stage for Massive Identity Theft

2013 Data breaches exposed over 822 million records nearly doubling the previous record high, according to Risk Based Security

We are pleased to release our Data Breach Quick view report that shows 2013 broke the previous all-time record for the number of exposed records caused by reported data breach incidents.  The 2,164 incidents reported during 2013 exposed over 822 million records, nearly doubling the previous highest year on record (2011).

Although overshadowed by the number of exposed records, 2013 is also ranked #2 in total reported  data breach incidents, just behind 2012. “When you analyze the data breach activity in 2013 it’s hard to  find any bright-side, said Barry Kouns, CEO of Risk Based Security. “Four of the “Top 10” data breaches all time, were reported in 2013, including the top spot. “

Risk Based Security’s newly released 2013 Data Breach QuickView report shows that 71.2% of reported  incidents were the result of external agents or activity outside the organization with hacking accounting  for 59.8% of incidents and 72% of exposed records. Incidents involving U.S. entities accounted for 45.5% of the incidents reported and 66.5% of the records exposed.

The Data Breach QuickView report also revealed that individuals’ names, user names, passwords and  email addresses were exposed in 37% of reported incidents, with passwords taking the top spot at  47.8% of all 2013 breaches. Taken together, this is more than enough information to commit identity  fraud on a large scale.  “Another disturbing fact emerges when you analyze the 2013 data breaches”, added Kouns, “260 incidents  involved organizations that have reported a data breach in the past, and sixty organizations reported  multiple incidents in 2013. I would not want to be the one to explain that to stakeholders.”

Risk Based Security’s research suggests that organizations in all industries, regardless of size, should be  on notice that they face a very real threat from security breaches and need every advantage to protect themselves. Timely, accurate and comprehensive threat intelligence can give organizations the edge they need not to show up in the 2014 data breach report.

About the Data Breach QuickView Report

The Data Breach QuickView report is possible through the partnership and combined resources of Risk Based Security and the Open Security Foundation. It is designed to provide an executive level summary of the key findings from RBS’ analysis of 2013’s data breach incidents. Contact Risk Based Security for  your customized analysis of the 2013 data breaches.

You can view the 2013 Data Breach QuickView report here:


About Risk Based Security, Inc.

Risk Based Security is a leading-edge security and threat intelligence company. We provide the most  timely, highest quality and most fully comprehensive vulnerability and data breach intelligence services available. Data intelligence is the basis for our consulting and information security services including  ISO/IEC 27001, SDL and our virtual YourCISO service.

For more information, please contact us via email or call 855-RBS-RISK.