Only 1% of Q1 data breaches were "secure breaches"
Posted on 29 April 2014.
Of the 254 data breaches that occurred during the first quarter of 2014, only 1 percent were "secure breaches," i.e. breaches where strong encryption, key management, or authentication solutions protected the data from being used, SafeNet revealed at Infosecurity Europe 2014. Also, in Q1 we witnessed the theft of nearly 200 million records, which was an increase of 233 percent over the same time last year.


The company's Breach Level Index provides details about hundreds of individual data breaches, which can be sorted by source, industry, risk level, and date, and highlights from the first quarter research include:
  • More than 254 data breaches were publicized, representing 200 million lost or stolen data records. Because of the varying strictness of data breach reporting requirements around the globe, this quarterly data does not include organizations that didn't disclose the amount of data records that were exposed. In all probability, the total number is likely to be even higher.
  • South Korea took the top spot of all countries with four of the top five breaches worldwide and a loss of 158 million records across a variety of industries. This represents 79 percent of the total number of reported breached records worldwide. These four breaches included the Korea Credit Bureau, Korean Medical Association, Korea Telecom, and Naver, a major Korean search portal. While the number of South Korean breached records was extremely high, the number of breach incidents in Asia Pacific as a whole accounted for only 7 percent of the total number of global breaches, dwarfed by the 78 percent (199 incidents) that occurred in North America and 13 percent in Europe.
  • The financial industry was hit hardest, accounting for 56 percent of all data records lost or stolen. However, it represented 14 percent of total breaches during the quarter.
  • The healthcare industry was hit hard in terms of breach events, accounting for 24 percent of all breaches. However, the industry accounted for just 9 percent of data records lost or stolen.
  • 20 percent of all records lost or stolen came from the technology industry, while retail represented just 1 percent of data records lost or stolen and 10 percent of all data breaches, even including the Sally Beauty Supply breach, which made major headlines.
  • Government and education breaches accounted for less than 1 percent of total records stolen and 23 percent of data breaches, including the University of Maryland's breach of 287,000 records stolen early this year.
  • Malicious outsiders accounted for 156 (62 percent) of total incidents during the first quarter, with over 86 million records stolen. Malicious insiders only accounted for 11 percent of total incidents, but they were much more effective, accounting for 52 percent of records stolen. Accidental loss represented 25 percent of total incidents, while hacktivist and state-sponsored attacks added up to only 2 percent of the total.
  • There were approximately three breaches and 2.2 million records stolen each day, and more than 93,000 per hour.
"The white noise of data breach reporting makes every breach seem just as bad as the last, but this is certainly not the case. Some organizations are handling customer data responsibly, and others are not. Tools like the Breach Level Index can help companies and the public alike understand the actual severity of breaches on a graduated scale and distinguish between these two groups," said Tsion Gonen, chief strategy officer, SafeNet. "In differentiating between secure and insecure breaches, it's important to look at which victims have protected their data with encryption to limit the damage from a breach and render the date unusable to cyber criminals."






Spotlight

How to talk infosec with kids

Posted on 17 September 2014.  |  It's never too early to talk infosec with kids: you simply need the right story. In fact, as cyber professionals itís our duty to teach ALL the kids in our life about technology. If we are to make an impact, we must remember that children needed to be taught about technology on their terms.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Sep 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //