3rd Party Risk Management , Anti-Phishing, DMARC , Breach Notification

Data Breach Trends: Global Count of Known Victims Increases

Phishing Attacks and Ransomware Continue to Be Dominant Data Breach Attack Vectors
Data Breach Trends: Global Count of Known Victims Increases
Heat map of countries reporting the most data breaches in 2021 (Source: Risk Based Security)

Are data breaches getting worse?

See Also: Real-World Strategies for Securing Remote Workforces and Data

Tracking data breach trends carries some caveats. For starters, not all organizations report when they've suffered a data breach or exposed people's personal information. Others might report a breach, but not crucial details such as the underlying cause or quantity of records that might have been exposed.

With that in mind, here's what researchers do know: Last year in the U.S., the number of records that were reportedly exposed declined slightly, while the total number of reported data breaches increased. So says the Identity Theft Resource Center, a nonprofit organization based in San Diego, California, that provides no-cost assistance to U.S. identity theft victims to help resolve their cases, and which recently released its 16th annual Data Breach Report.

Eva Velasquez, CEO and president of the Identity Theft Resource Center

"In 2021, there were more data compromises reported in the U.S. than in any year since the first state data breach notice law became effective in 2003," says Eva Velasquez, president and CEO of ITRC.

Data exposure as a result of online attacks notably increased from 1,108 incidents in 2020 to 1,613 in 2021, ITRC reports.

There was also an increase in the number of breaches that traced to phishing, smishing or business email compromise, rising from 383 incidents in 2020 to 537 incidents in 2021. In the same time frame, breaches that traced to ransomware rose from 158 to 321, meaning that as a root cause of a breach, it doubled - and for the third year in a row.

Source: ITRC

What the online attack data doesn't show, ITRC says, is that the fourth-most-common cause of such incidents was supply chain attacks (see: Data Breach Reports Rise as Supply Chain Attacks Surge).

Source: ITRC

Last year, while the number of known breaches increased, the total number of records that were reportedly exposed declined slightly. ITRC reports that in 2021, 294 million records were reportedly exposed, down from 310 million records in 2020 and 884 million in 2019.

When personal data does get exposed, ITRC reports that it's most often a person's name, followed by Social Security number, date of birth, current home address and medical information.

Global View of Breaches

An assessment of breaches worldwide in 2021 charts similar trends: slightly fewer records being exposed, but more organizations overall reporting that they'd been breached.

Global breaches reported for 2021 (Source: Risk Based Security)

The research comes via vulnerability and data breach intelligence firm Risk Based Security, which last month was bought by New York-based threat intelligence firm Flashpoint.

Here's its count of known 2021 breaches, broken out by the country in which a breached organization was based:

  • United States: 2,953
  • Canada: 181
  • United Kingdom: 125
  • France: 79
  • India: 71
  • Germany: 53
  • Russia: 42
  • Australia: 39
  • Netherlands: 33
  • All Other: 569

Risk Based Security says that so far, about 5% fewer breaches were reported in 2021 than in 2020. But it expects more 2021 incidents to belatedly come to light this year. "It is typical for the number of breaches disclosed for a given year to subsequently increase by 5% to 10%," the company's researchers write in a recent report.

Global breach reports by sector in 2021 (Source: Risk Based Security)

Looking at all reported 2021 breaches globally, Risk Based Security says "the healthcare sector experienced the most incidents, accounting for 14% of reported breaches, although financial services and software providers were also hard-hit.

As in the U.S., ransomware is an increasing problem. It was cited in 11.5% of all breaches reported globally in 2019, rising to 17% in 2020 and 21% in 2021, Risk Based Security reports.

Reporting Delays Remain Common

Inga Goddijn of Risk Based Security

Timely breach discovery and victim notification continue to be a shortfall at many organizations, says Inga Goddijn, executive vice president at Risk Based Security. The average time interval between a breach being discovered and reported increased from 72 days in 2020 to 89 days in 2021, she says.

But some took much, much longer. "In 2021, 15 breaches took more than 365 days - a full year - to go from discovery to the release of a formal breach notification letter. Another 169 events took six months or more," Goddijn says. "It would be easy to blame delays on the pandemic, but this trend started well before COVID-19 became a household name. Complex incident investigations, weak enforcement and a deliberate blindness to notification obligations appear to be at the root of the delays."


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.