2013 Exposed Records Sets the Stage for Massive Identity Theft

[Audrey McNeil <audrey () riskbasedsecurity com>]

https://www.riskbasedsecurity.com/2014/02/2013-data-breach-quickview/

We are pleased to release our Data Breach Quick view report that shows 2013
broke the previous all-time record for the number of exposed records caused
by reported data breach incidents. The 2,164 incidents reported during 2013
exposed over 822 million records, nearly doubling the previous highest year
on record (2011).

Although overshadowed by the number of exposed records, 2013 is also ranked
#2 in total reported data breach incidents, just behind 2012. "When you
analyze the data breach activity in 2013 it's hard to find any bright-side,
said Barry Kouns, CEO of Risk Based Security. "Four of the "Top 10" data
breaches all time were reported in 2013, including the top spot. "

Risk Based Security's newly released 2013 Data Breach QuickView report
shows that 71.2% of reported incidents were the result of external agents
or activity outside the organization with hacking accounting for 59.8% of
incidents and 72% of exposed records. Incidents involving U.S. entities
accounted for 45.5% of the incidents reported and 66.5% of the records
exposed.

The Data Breach QuickView report also revealed that individuals' names,
user names, passwords and email addresses were exposed in 37% of reported
incidents, with passwords taking the top spot at 47.8% of all 2013
breaches. Taken together, this is more than enough information to commit
identity  fraud on a large scale. "Another disturbing fact emerges when you
analyze the 2013 data breaches, added Kouns, 260 incidents involved
organizations that have reported a data breach in the past, and sixty
organizations reported multiple incidents in 2013. I would not want to be
the one to explain that to stakeholders."

Risk Based Security's research suggests that organizations in all
industries, regardless of size, should be on notice that they face a very
real threat from security breaches and need every advantage to protect
 themselves. Timely, accurate and comprehensive threat intelligence can
give organizations the edge  they need not to show up in the 2014 data
breach report.

About the Data Breach QuickView Report

The Data Breach QuickView report is possible through the partnership and
combined resources of Risk Based Security and the Open Security Foundation.
It is designed to provide an executive level summary of the key findings
from RBS' analysis of 2013's data breach incidents. Contact Risk Based
Security for  your customized analysis of the 2013 data breaches.

You can view the 2013 Data Breach QuickView report here:

https://www.riskbasedsecurity.com/reports/2013-DataBreachQuickView.pdf

About Risk Based Security, Inc.

Risk Based Security is a leading-edge security and threat intelligence
company. We provide the most  timely, highest quality and most fully
comprehensive vulnerability and data breach intelligence services
available. Data intelligence is the basis for our consulting and
information security services including ISO/IEC 27001, SDL and our virtual
YourCISO service.

For more information, please contact us via email or call 855-RBS-RISK.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!