[BreachExchange] Reported breaches in the first 9 months of 2018 exposed 3.6 billion records

Mon Nov 12 04:07:19 EST 2018

https://www.helpnetsecurity.com/2018/11/12/publicly-reported-breaches/

There have been 3,676 publicly disclosed data compromise events
through September 30. Breach activity continues at a consistent pace
for 2018, which although significant in level, will likely not reach
the numbers we saw in 2017, according to the 2018 Q3 Data Breach
QuickView report by Risk Based Security.

“The number of reported breaches shows some improvement compared to
2017 and the number of records exposed has dropped dramatically,” said
Inga Goddijn, Executive Vice President for Risk Based Security.
“However, an improvement from 2017 is only part of the story, since
2018 is on track to have the second most reported breaches and the
third most records exposed since 2005. Despite the decrease from 2017,
the overall trend continues to be more breaches and more mega breaches
impacting tens of millions, if not hundreds of millions, of records at
once.”

A new metric Risk Based Security has been tracking in 2018 is the time
interval between when a breach is discovered by the compromised
organization to when the event is publicly disclosed. Overall the gap
has been closing. However, looking at the averages for each of the
five years, 2018 shows no improvement compared to 2017 despite
mounting regulatory pressure to speed up public disclosure. With 34.5%
of breached organizations unwilling or unable to disclose the number
of records exposed, there’s clearly more progress to be made.

Hacking continues to be the leading cause of data compromise events,
accounting for 57.1% of the disclosed breaches, however hacking is not
responsible for the most records exposed. That dubious honor still
belongs to Fraud, which accounts for 35.7% of the records exposed so
far this year. Though rarely focused on, skimming is a continuing
problem at ATMs and for gas station operators. Approximately 53% of
the skimming events were discovered at ATMs and 42% found on gas
pumps.

“After the curiously slow start to the year, we had hopes that 2018
might finally signal a change in the breach landscape. Unfortunately,
it’s become clear that is not the case. In practically every way, 2018
is on track to be just as ugly as prior years. Insider actions, both
in terms of malicious activity as well as mishandling assets, continue
to drive the high volume of data exposed and any early signs that the
number of incidents was on the decline has evaporated,” commented Ms
Goddijn.

She went on to add, “The primary difference between 2018 and 2017 is
the lack of a catastrophic event like the WannaCry and Petya/NotPetya
outbreaks that left an indelible mark on 2017. All it will take is
another EternalBlue exploiting another widespread vulnerability to put
us right back at at ‘worst year ever’ level of activity.”

Ms. Goddijn concluded, “Based on what we are seeing in our
vulnerability research group, the chances are good that another
Heartbleed or EternalBlue is just around the corner.”