The US is on course for a record number of data breaches this year, according to the Internet Theft Resource Center’s (ITRC) mid-year data breach report.
Through June 2017, US companies reported 791 data breaches. There were 613 reported breaches at the same period in 2016, so at this pace, 2017’s figures will smash last year’s record of 1,093.
There has been a surge in reported breaches in the past two years. Between 2005, when the ITRC started recording data breaches, and 2015, the average number of reported breaches was 528.
The ITRC keeps track of data breaches confirmed by the media or state governmental agencies, and releases an updated list each week.
Business sector is the most breached
The ITRC breaks down its figures into five industry sectors: financial (including banking and credit), healthcare/medical, government/military, education, and business. For the past two years, the business sector was the most breached, and it leads the way again this year, accounting for 54.7% of all incidents.
The healthcare/medical industry is the second most breached (22.6%), although that figure may be boosted because healthcare organizations must report breaches that affect 500 or more people. The education sector ranks third (11%), followed by the financial sector (5.8%) and government/military (5.6%).
Hacking is the leading cause
So far this year, the majority of data breaches (63%) were the result of hacking. The ITRC includes phishing, ransomware/malware and skimming in this category.
Phishing has proven to be particularly common, having been used in 47.7% of hacks. Ransomware/malware, a category added this year, was present in 18.5% of hacking attacks.
To combat the rise in phishing and ransomware, we have developed a ten-minute course to help you protect yourself and your organization. Staff who complete our Phishing and Ransomware – Human patch e-learning course will be able to:
- Explain what phishing, ransomware, and crypto-ransomware are
- Outline the consequences of such attacks
- Identify how to avoid falling victim to phishing attacks and ransomware
- List the steps to take if they think they’ve been compromised
By equipping your staff with an understanding of these threats and how to prevent them, you can significantly reduce the risk of your organization falling victim to an attack.