[BreachExchange] New Research: Number of Records Exposed Reaches Staggering 36 Billion

Thu Oct 29 10:43:39 EDT 2020

https://www.riskbasedsecurity.com/2020/10/29/new-research-number-of-records-exposed-reaches-staggering-36-billion/

Today, we released our new 2020 Q3 Data Breach QuickView Report, which
reveals that the number of records exposed has increased to a
staggering 36 billion. There were 2,935 publicly reported breaches in
the first three quarters of 2020, with the three months of Q3 adding
an additional 8.3 billion records to what was already the “worst year
on record.”

“Breach disclosures continue to be well below the high water mark
established just last year despite other research indicating the
number of attacks are on the rise. How do we square these two
competing views into the digital threat landscape?“

Inga Goddijn, Executive Vice President, Risk Based Security

This question is discussed in our 2020 Q3 Data Breach QuickView
Report. The report explores numerous factors such as how media
coverage may be a factor contributing to the decline in publicly
reported breaches. In addition, the increase of ransomware attacks may
also have a part to play.

“While many of these attacks are now clearly breach events, the nature
of the data compromised can give some victim organizations a reprieve
from reporting the incident to regulators and the public.

After all, while the compromised data may be sensitive to the target
organization, unless it contains a sufficient amount of personal data
to trigger a notification obligation the event can go unreported.“

Inga Goddijn, Executive Vice President, Risk Based Security

The 2020 Q3 Data Breach QuickView Report covers the data breaches
reported between January 1, 2020 and September 30, 2020. In addition
to the latest breach data research, the report also dissects alarming
trends involving the coming November elections, where several US voter
databases have been shared and discussed on both Russian and English
speaking hacking forums.

Our on-demand webinar, Secure The Vote: Hacktivism and Vulnerabilities
in US Elections, is available. It explores the impact of campaigns of
influence and real-world hardware vulnerabilities in the US election
system.

About the QuickView Report and Cyber Risk Analytics

The quarterly Data Breach QuickView report is a service of Cyber Risk
Analytics (CRA), which provides actionable threat intelligence about
organizations that have had a data breach or leaked credentials. This
enables organizations to reduce exposure to the threats most likely to
impact them and their vendor base.

In addition, our PreBreach vendor risk ratings, the result of a
deep-view into the metrics driving cyber exposures, are used to better
understand the digital hygiene of an organization and the likelihood
of a future data breach.

The integration of PreBreach ratings into security processes, vendor
management programs, cyber insurance processes and risk management
tools allows organizations to avoid costly risk assessments, while
enabling businesses to understand their risk posture, and to act
quickly and appropriately to proactively protect their most critical
information assets.