According to a report by cyber threat intelligence company Risk Based Security, in the first half of 2018, 2,308 data breaches were publicly disclosed, and approximately 2.6 billion user records were exposed. According to the company’s “Data Disclosure in 2018” report, we can see that compared with 2,439 data breaches and 6 billion data breaches reported in the first half of 2017.
“2018 has been a curious year. After the wild ride of 2017, we became accustomed to seeing a lot of breaches, exposing extraordinary amounts of information. 2018 is remarkable in that the number of public disclosed breaches appears to be leveling off while the number of records exposed remains stubbornly high,” said Inga Goddijn, Executive Vice President for Risk Based Security. “It’s not easy to characterize 2.6 billion records exposed as an improvement, even if it is less than the 6 billion exposed at this time last year,” said Inga Goddijn, Executive Vice President for Risk Based Security.
The record that is currently being exposed has indeed decreased, and Goddijn believes that this is not an optimistic reason: it is not convincing to classify the 2.6 billion exposure records as the improvement, even if it is much less than the 6 billion records in the same period last year. At the same time, the researchers also observed in close-up observations than five leaks in the first half of the year exposed 100 million or more data records. They accounted for about 2 billion of the total number of exposures. Earlier this year, The 1.19 billion pieces of data reported by the Indian biostatistical database Aadhaar were leaked, making it the most serious data breach in the first half of this year.
In the industry, business organizations have the worst situation: 40% of companies have found violations, followed by healthcare (8.3%), government (8.2%) and education (4.5%). However, a significant proportion (nearly 40%) of organizations are not classified.
As for the type of violation, fraud accounted for the highest proportion (47.5%), while hacking (54.6%) was the cause of most incidents. Along with this, the number of vulnerabilities reported in 2017 reached a record high, plus no patches, which made many systems mature enough to be utilized. On the other hand, phishing credentials and then using them to invade systems or services continues to be a popular attack method.
You can get the full “2018 MidYear Data Breach QuickView” report here.