Number of Records Exposed Up 112% in Q3
November 12, 2019 • RBS
Today, we released our Q3 2019 Data Breach QuickView Report and continuing off Q1 and Mid-Year expectations, breach activity in 2019 is on track to being “the worst year on record”.
Within the first nine months of 2019 there have been 5,183 breaches reported with 7.9 billion records exposed, and we are on track to reach 8.5 billion. Compared to the mid-year of 2018, the total number of breaches was up 33.3% and the total number of records exposed more than doubled, up 112%.
Just six breaches accounted for 3.1 billion records exposed between July 1st and September 30th.
As we look over the experience of 2019 what stands out is that we are often our own worst enemy. Whether it’s a phishing campaign that ultimately provides malicious actors with a toehold into systems or misconfigured databases and services that leave millions of sensitive records freely available on the internet, it seems to be human nature coupled with weak controls that contributed heavily to the number and severity of breaches we’ve seen this year.Inga Goddijn, Executive Vice President, Risk Based Security
The Q3 2019 Data Breach QuickView Report covers the data breaches reported between January 1st and September 30th, 2019. Key findings state that by NAICS economic sector, medical services, retailers and public entities experienced the most breaches, but when all business related sectors are combined, general business remains the most breached organization type. Looking further into data breach landscape, hacking remains the top breach type for number of incidents while Web has exposed the most records this year.
While malicious actors have been responsible for most incidents, it is accidental exposure of data on the internet that has put the most records at risk. This year over 6 billion records have been made freely accessible thanks to misconfigured databases, backups, end points, and services. The widespread availability of tools useful for identifying such leaks coupled with an interest in reporting – as well as taking advantage of – these exposures has fueled the growth in the number of records compromised.Inga Goddijn, Executive Vice President, Risk Based Security
Download your free copy of the report today to learn more about the breach trends and statistics unfolding in 2019.
About the QuickView Report and Cyber Risk Analytics
The quarterly Data Breach QuickView report is a service of Cyber Risk Analytics (CRA), which provides actionable threat intelligence about organizations that have had a data breach or leaked credentials. This enables organizations to reduce exposure to the threats most likely to impact them and their vendor base.
In addition, our PreBreach vendor risk ratings, the result of a deep-view into the metrics driving cyber exposures, are used to better understand the digital hygiene of an organization and the likelihood of a future data breach.
The integration of PreBreach ratings into security processes, vendor management programs, cyber insurance processes and risk management tools allows organizations to avoid costly risk assessments, while enabling businesses to understand their risk posture, and to act quickly and appropriately to proactively protect their most critical information assets.