BreachExchange mailing list archives
2013 Exposed Records Sets the Stage for Massive Identity Theft
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 18 Feb 2014 09:39:55 -0700
https://www.riskbasedsecurity.com/2014/02/2013-data-breach-quickview/ We are pleased to release our Data Breach Quick view report that shows 2013 broke the previous all-time record for the number of exposed records caused by reported data breach incidents. The 2,164 incidents reported during 2013 exposed over 822 million records, nearly doubling the previous highest year on record (2011). Although overshadowed by the number of exposed records, 2013 is also ranked #2 in total reported data breach incidents, just behind 2012. "When you analyze the data breach activity in 2013 it's hard to find any bright-side, said Barry Kouns, CEO of Risk Based Security. "Four of the "Top 10" data breaches all time were reported in 2013, including the top spot. " Risk Based Security's newly released 2013 Data Breach QuickView report shows that 71.2% of reported incidents were the result of external agents or activity outside the organization with hacking accounting for 59.8% of incidents and 72% of exposed records. Incidents involving U.S. entities accounted for 45.5% of the incidents reported and 66.5% of the records exposed. The Data Breach QuickView report also revealed that individuals' names, user names, passwords and email addresses were exposed in 37% of reported incidents, with passwords taking the top spot at 47.8% of all 2013 breaches. Taken together, this is more than enough information to commit identity fraud on a large scale. "Another disturbing fact emerges when you analyze the 2013 data breaches, added Kouns, 260 incidents involved organizations that have reported a data breach in the past, and sixty organizations reported multiple incidents in 2013. I would not want to be the one to explain that to stakeholders." Risk Based Security's research suggests that organizations in all industries, regardless of size, should be on notice that they face a very real threat from security breaches and need every advantage to protect themselves. Timely, accurate and comprehensive threat intelligence can give organizations the edge they need not to show up in the 2014 data breach report. About the Data Breach QuickView Report The Data Breach QuickView report is possible through the partnership and combined resources of Risk Based Security and the Open Security Foundation. It is designed to provide an executive level summary of the key findings from RBS' analysis of 2013's data breach incidents. Contact Risk Based Security for your customized analysis of the 2013 data breaches. You can view the 2013 Data Breach QuickView report here: https://www.riskbasedsecurity.com/reports/2013-DataBreachQuickView.pdf About Risk Based Security, Inc. Risk Based Security is a leading-edge security and threat intelligence company. We provide the most timely, highest quality and most fully comprehensive vulnerability and data breach intelligence services available. Data intelligence is the basis for our consulting and information security services including ISO/IEC 27001, SDL and our virtual YourCISO service. For more information, please contact us via email or call 855-RBS-RISK.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- 2013 Exposed Records Sets the Stage for Massive Identity Theft Audrey McNeil (Feb 18)