The 2019 Data Breach Report is available now and you’ll be surprised at the numbers so far this year. Unfortunately, the numbers are growing by the day.
The Privacy Rights Clearinghouse maintains a database of all breaches that have been made public in their Chronology of Data Breaches. This report acts as a source of information to assist in research involving reported data breaches from 2005 to present.
This report only includes publicly reported breaches — many organizations aren’t required to report breaches and some don’t know they have been breached. In addition, some organizations are unaware of how many records have been compromised.
The Chronology of Data Breaches includes data breaches and the number of records breached reported through either government agencies or verifiable media sources.
Current 2019 Data Breach Report:
Total Data Breaches: 222
Records Exposed: 9,727,276
As a comparison, the data breach report for 2018 is:
Total Data Breaches: 668
Records total: 1,369,452,404
Data Breaches by Breach Type
Breach Type Codes:
Payment Card Fraud (CARD) – Fraud involving debit and credit cards that are not accomplished via hacking. For example, skimming devices at point-of-service terminals.
Hacking or Malware (HACK) – Hacked by an outside party or infected by malware
Insider (INSD)– Insider (someone with legitimate access intentionally breaches information – such as an employee, contractor or customer)
Physical Loss (PHYS) – Includes paper documents that are lost, discarded or stolen (non-electronic)
Portable Device (PORT) – Lost, discarded or stolen laptop, PDA, smartphone, memory stick, CDs, hard drive, data tape, etc.
Stationary Device (STAT) – Stationary computer loss (lost, inappropriately accessed, discarded or stolen computer or server not designed for mobility)
Unintended Disclosure (DISC) – Unintended disclosure (not involving hacking, intentional breach or physical loss – for example sensitive information posted publicly, mishandled or sent to the wrong party via publishing online, sending in an email, sending in a mailing or sending via fax)
Hackers Dominate 2019 Data Breach Report
Hackers can infiltrate your organization in a number of ways, so it is necessary to safeguard your organization. We recommend starting with a security assessment so you fully understand your threat landscape and any potential gaps that may have been overlooked.
Our 24/7 cybersecurity team offers continuous cyber threat detection and remediation through the following services:
Managed SIEM – Your organization may already have SIEM technology that aggregates data from all of your security controls into a single correlation engine, but it may also create huge amounts of alerts including false positives. Our security experts can tune your SIEM and provide insightful analysis for real-time threat detection and incident response.
Managed Detection & Remediation – Our team uses artificial intelligence to stop advanced threats and malware at the most vulnerable point – the endpoint. We offer the remediation skills and expertise to help you contain the incident as quickly as possible.
Patch & Vulnerability Management – By adding real-time vulnerability scanning and responsive patch management, these services are proactive tactics which greatly reduce the technical threat landscape by continuously identifying and remediating newly discovered technical vulnerabilities within your ever-evolving environment.
By creating the proper foundation, especially with a security framework like NIST, you’ll be able to significantly reduce your threat landscape.