Despite oft repeated claims that the insider threat is the one organizations should be looking out for, the numbers and statistics related to 2013 data breaches show that risk is much smaller than the one related to attacks coming from the outside.
Risk Based Security and the Open Security Foundation have analyzed the numbers and details of 2,164 data loss incidents reported in 2013, and have concluded that 72 percent of these incidents involved outside attackers, and 25 percent involved insiders. It’s also good to know that breaches involved insiders were due more to accidents and human error than maliciousness.
And while the number of incidents data loss incidents in 2012 is almost by a third bigger that that for 2013, the number of records exposed in 2013 breaches has reached a record 823 million.
The majority of data breaches hit businesses, followed by government, medical and educational institutions, and it should not be wholly unexpected that the overwhelming majority of the exposed records was stolen from businesses, as well:
It also shouldn’t come as a surprise that 45.5 percent of the breaches hit organizations based in the US, and that those accounted for 66.5 percent of the compromised records (of the US states, California leads the list with some 370 million records exposed).
Interestingly enough, South Korea is second of the list of countries when it comes to exposed records – some 140 millions of emails addresses and identification numbers were compromised in a hack believed to be mounted by North Korean hackers against still publicly unknown organizations. This attack is also third on the list of the top 10 data breach incidents of all time.
The Adobe hack tops that list, when the hack of company systems exposed customer names, IDs, encrypted passwords and debit/credit card numbers with expiration dates, source code and other information relating to customer orders – all in all 152 million records were compromised.
The recent Target breach is in the fifth place, and the data exposure that happened due to a flaw in Pinterest’s API ends the list.
The total number of exposed records in 2013 is so very big because of these massive breaches, but it’s interesting to note that a little over half of the reported incidents exposed only between one and 1000 records.
Also an interesting statistic: 260 of the breaches disclosed in 2013 represented a subsequent incident for the impacted organization, and sixty organizations reported multiple incidents during 2013.
If you are interested in more details and statistics, I recommend checking out the extremely detailed report.