If Yahoo’s data breach announcement
yesterday is any indication, cyber-attacks are more prevalent than ever — and gaining momentum.
In fact, data breaches increased 15% in the first six months of 2016, compared with the last six months of 2015, according to the “Breach Level Index.” The report, from Gemalto, is a global database that tracks data breaches and measures their severity based on multiple dimensions, in-cluding the number of records compromised, the type of data, the source of the breach, how the data was used, and whether or not the data was encrypted.
Data revealed that the retail industry specifically accounted for 11% of data breaches in 2016. In some good news, incidents declined 6% versus the previous six months, and accounted for 3% of compromised data records, the report said.
Data revealed that more than 4.8 billion data records have been exposed since 2013. To date, worldwide, there were 974 reported data breaches, and more than 554 million compromised data records in the first half of 2016, compared to 844 data breaches and 424 million compromised data records in the previous six months. In addition, 52% of the data breaches in the first half of this year did not disclose the number of compromised records at the time they were reported, the report said.
“In this increasingly digital world, companies, organizations and governments are storing greater and greater amounts of data that has varying levels of sensitivity,” said Jason Hart, VP and CTO for data protection at Gemalto. “However, the failure of organizations to protect sensitive personal information and identities is a growing problem that will have implications for consumer confidence in the digital services and companies they entrust with their personal data.”
For the first six months of 2016, identity theft was the leading type of da-ta breach, accounting for 64% of all data breaches, up from 53% in the previous six months. Malicious outsiders were the leading source of data breaches, accounting for 69% of breaches — up from 56% in the previous six months.
“More focus needs to be on understanding what really constitutes sensi-tive data, where it is stored, and using the best means to defend it,” Hart said. “At the end of the day, the best way to protect data is to kill it. That means ensuring user credentials are secured with strong authentication, and sensitive data is protected with encryption so it is useless to the thieves.”