More Than 4.1 Billion Records Exposed in 2019

August 15, 2019

More than 3,800 data breaches were reported from January through June 30, exposing over 4.1 billion records, according to the 2019 MidYear Data Breach Quickview Report.

Compared to midyear of 2018, the number of reported breaches was up 54 percent and the number of exposed records was up 52 percent. Of the breached organizations that could be definitively classified, the Business sector accounted for 67 percent of reported breaches, followed by Medical (14 percent), Government (12 percent) and Education (7 percent). This continues the trend observed in the Q1 2019 report.

Additional key findings include:

In Q1, three breaches were reported as exposing over 100 million records. In Q2 another five breaches were reported as exposing 100 million records or more. Collectively, these eight breaches exposed over 3.2 billion records or 78.6 percent of the total records exposed through June 30.
The Business sector accounted for 84.6 percent of the records exposed followed by Unclassified at 14.8 percent and Medical at 0.3 percent. The Government and Education sectors combined accounted for 12.9 million records exposed through the midyear point.
Web remains the number one breach type for number of records exposed, accounting for 79 percent of compromised records, while Hacking remains the number one breach type for number of incidents, accounting for 82 percent of reported breaches.
Email addresses and passwords remain prized targets, with email addresses exposed in approximately 70 percent of reported breaches and passwords exposed in approximately 65 percent of reported breaches.

In the first 6 months of the year, 137 breaches exposed sensitive data belonging to third parties. While some of these events were relatively mundane, others had far-reaching implications. Perhaps none was worse than the compromise at American Medical Collection Agency (AMCA). Initially reported as a breach at Quest Diagnostics, it quickly became clear the breach actually occurred at AMCA. The fallout has been substantial. Clients severed their relationship with AMCA, consumer lawsuits were filed within days of the initial breach disclosure and most devastating of all, AMCA was forced into filing for bankruptcy protection a mere 2 weeks after news of the breach made headlines.

A closer look at breaches impacting third parties, and their data, shows a striking difference compared to all breaches in Q2. Email addresses and passwords fall toward the bottom of the data types compromised while names, addresses, Social Security numbers and dates of birth climb to the top of the chart. Not only can these breaches be more difficult to manage given the multiple parties involved, they can also have more damaging consequences for the individual’s whose data is exposed in the event.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

More Than 4.1 Billion Records Exposed in 2019

Related Articles

Related Products

Report Abusive Comment