More Than 4.1 Billion Records Exposed in 2019

August 15, 2019

More than 3,800 data breaches were reported from January through June 30, exposing over 4.1 billion records, according to the 2019 MidYear Data Breach Quickview Report.

Compared to midyear of 2018, the number of reported breaches was up 54 percent and the number of exposed records was up 52 percent. Of the breached organizations that could be definitively classified, the Business sector accounted for 67 percent of reported breaches, followed by Medical (14 percent), Government (12 percent) and Education (7 percent). This continues the trend observed in the Q1 2019 report.

Additional key findings include:

In Q1, three breaches were reported as exposing over 100 million records. In Q2 another five breaches were reported as exposing 100 million records or more. Collectively, these eight breaches exposed over 3.2 billion records or 78.6 percent of the total records exposed through June 30.
The Business sector accounted for 84.6 percent of the records exposed followed by Unclassified at 14.8 percent and Medical at 0.3 percent. The Government and Education sectors combined accounted for 12.9 million records exposed through the midyear point.
Web remains the number one breach type for number of records exposed, accounting for 79 percent of compromised records, while Hacking remains the number one breach type for number of incidents, accounting for 82 percent of reported breaches.
Email addresses and passwords remain prized targets, with email addresses exposed in approximately 70 percent of reported breaches and passwords exposed in approximately 65 percent of reported breaches.

In the first 6 months of the year, 137 breaches exposed sensitive data belonging to third parties. While some of these events were relatively mundane, others had far-reaching implications. Perhaps none was worse than the compromise at American Medical Collection Agency (AMCA). Initially reported as a breach at Quest Diagnostics, it quickly became clear the breach actually occurred at AMCA. The fallout has been substantial. Clients severed their relationship with AMCA, consumer lawsuits were filed within days of the initial breach disclosure and most devastating of all, AMCA was forced into filing for bankruptcy protection a mere 2 weeks after news of the breach made headlines.

A closer look at breaches impacting third parties, and their data, shows a striking difference compared to all breaches in Q2. Email addresses and passwords fall toward the bottom of the data types compromised while names, addresses, Social Security numbers and dates of birth climb to the top of the chart. Not only can these breaches be more difficult to manage given the multiple parties involved, they can also have more damaging consequences for the individual’s whose data is exposed in the event.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

Organized Retail Crime (ORC) is a serious problem that has been on the rise for several years. The unprecedented event of the current pandemic will rival or even exceed any previous events. If COVID-19 by itself wasn't bad enough, add civil disturbance, bail reform, and the state of law enforcement, and you have a perfect storm.

Security Magazine

2020 August

This month in Security magazine, we examine how physical security leaders are being propelled into a unique position of revenue preservers and risk managers for their businesses. In addition, we profile Scott Ashworth, Director of Security for Atlanta United. Also, security leaders discuss how to develop cybersecurity careers, election security, data protection strategies, measuring and reporting security operations maturity and more!

View More Create Account

More Than 4.1 Billion Records Exposed in 2019

Related Articles

Related Products

Related Events

Report Abusive Comment