2.6 billion data records have been exposed

According to Risk Based Security, 2,308 data breaches have been disclosed this year through June 30, exposing more than 2.6 billion records. After a drop in breaches earlier this year, it has returned to a ‘typical’ pace.

The report found the following:

  • Phishing for usernames and passwords then using the stolen credentials to access systems or services stands out as a particularly popular attack method in the first six months of the year
  • The number of instances targeting employees’ W-2 forms remained low, with 42 such breaches reported through Q2 2018 compared to 239 for the same period in 2017
  • The business sector accounted for 40% of reported data breaches, followed by medical (8.3%), government (8.2%), and education (4.5%). Nearly 40% of breached organizations could not be definitively classified
  • Five breaches exposed 100 million or more records, accounting for approximately 2 billion of the 2.6 billion total exposed records
  • The business sector accounted for 52% of the records exposed followed by government at 2%. The pattern from 2017 remains the same, with the medical and education sectors combined accounting for less than 1% of the total records exposed through the first six months of the year

Risk Based Security also reported that the most severe reported data breaches reported came from Exactis, Facebook, and Under Armour.

Data breaches included:

  • Exactis: (Web) 230,000,000 personal details of adults and information on 110 million business contacts were exposed on the Internet due to a misconfigured marketing database
  • Facebook: (Fraud) 87,000,000 user profile details were obtained by a third-party application without clear authorization for redistribution and in violation of platform guidelines
  • Under Armour: (Hacking) 150,000,000 email addresses, usernames, and hashed passwords belonging to users of the MyFitnessPal app were accessed by a criminal hacker

A recent study, by the University of Central Florida has reported a rise in healthcare breaches.

Is there a way to avoid data breaches?


Get #BreachReady. IT Governance USA’s new campaign proposes solutions to help organizations prepare for and handle breaches with its three-tier promotional discounts:

  • SPF 10: 10% discount on purchases between $5,000 and $14,999 (excluding tax and shipping)
  • SPF 15: 15% discount on purchases between $15,000 and $29,999 (excluding tax and shipping)
  • SPF 20: 20% discount on purchases $30,000 and above (excluding tax and shipping)