Between April and June of this year, there were a total of 237 breaches that compromised more than 175 million customer records of personal and financial information worldwide. For the first half of 2014, more than 375 million customer records were stolen or lost as a result of 559 breaches worldwide.
The retail industry had more data records compromised than any other industry during the second quarter, with more than 145 million records stolen or lost, or 83 percent of all data records breached. Less than one percent of all 237 breaches during the second quarter were secure breaches where strong encryption or authentication solutions protected the data from being used.
“The numbers are pretty staggering. 175 million-plus records stolen in the second quarter means that data theft is happening at a rate of 80,000 records per hour. And until we start to do things differently it will probably keep on rising. Doing the same thing and expecting different results when it comes to your security strategy will continue to have painful outcomes,” Tsion Gonen, Chief Strategy Officer, SafeNet, told Help Net Security.
“Businesses need to start thinking beyond PLAN A of “how do I prevent a breach’ and add a plan B which focuses on minimizing the impact of consumer data loss. For example, using encryption to deem the data useless. It seems that if consumers don’t start to demand that companies pay the price for these breaches, the current data breach epidemic likely will never end,” Gonen added.
Highlights from the second quarter Breach Level Index from SafeNet include:
- In each of the last four consecutive quarters, there has been one major data breach in which more than 100 million records were exposed.
- 175,655,228 records were stolen in the second quarter. This equates to 1,951,724 records stolen per day; 81,321 stolen per hour; and 1,355 records stolen every second.
- Malicious outsiders are targeting businesses’ most critical records. They are responsible for compromising 99 percent of the records and 56 percent of the incidents this quarter, more than any other source.
- Healthcare incurred 23 percent of incidents, more than any other industry, but only accounted for 782,732 records lost or less than 1 percent of all records stolen during the quarter.
- Identity theft was the leading cause of breaches with 58 percent of all incidents and 88 percent of records stolen.
- Encryption was used in only 10 of the 237 reported data breach incidents. Of those, only two could be classified as secure breaches in which encryption restricted the access of stolen data.
- The U.S. accounted for 85 percent of records compromised worldwide and 74 percent of all reported incidents, more than any other country. Germany followed with 10 percent of all records stolen.
- Three of the top five breaches were based in the U.S., with the other two breaches occurring in Europe.
- Government was the second least secure sector after retail, accounting for 11 percent of all records that were lost or stolen. The Department of Veterans Affairs incurred the most breaches, having been hacked during each quarter of 2014.
- Financial services breaches decreased significantly from the first quarter, down from 56 percent to less than one percent of records stolen in the second quarter.