What are the key trends from last year’s BLI?
Last year, we saw a flurry of news around the Yahoo! breaches coming to light several years after the fact. While the 1.5 billion compromised records from the Yahoo! breach are not included in the 2016 numbers, the Breach Level Index has now reached over 7 billion records compromised, lost or stolen since its inception in 2013. What do last year’s BLI data and the Yahoo! breach have in common?
They represent a noticeable shift in cybercriminals targeting large consumer databases such as social media, entertainment and email websites. The new BLI report and infographic highlight this change, citing almost 1.4 billion compromised records in 2016, up 86% from 2015. AdultFriend Finder, Fling, DailyMotion and 17Media, all large database attacks, made the short list of the top-scoring breaches in 2016 based on the BLI’s scoring model.
A major reason to target these types of databases involves attempted ransom requests and threats of leaking private information about the users. Cybercriminals are able to extort victims and/or organizations into paying fees in order to avoid having sensitive information made public. This is a new way for fraudsters to maximize their return on investment and create new revenue streams. The information in these databases can also serve as a gateway for further attacks. For example, as reported in an article on the Forbes site in December 2016, hackers stole millions of dollars in bitcoin starting with just a phone number.
What compounds this large-database mining effect is that, when a breach is made public, the number of records or the compromised information is not always openly disclosed. Sometimes consumers are not even aware of the exact information that has been exposed, making it difficult to assess the real impact of the breach. Last year, a little over half of all data breaches did not disclose the number of records. Government legislation regarding public data breach disclosure is a starting point to address this problem.
Data breach legislation will evolve over the next couple of years as government agencies around the world update and implement regulations like the European General Data Protection Regulation (GDPR), U.S. state disclosure laws, and Australia’s Privacy Amendment (Notifiable Data Breaches). These regulations are all aimed at increasing transparency around data breaches and protecting people’s right to privacy. For many countries, this is the tip of the iceberg, with the U.S. currently making up the majority of all disclosed breaches. As these regulations go into effect, you can expect to see a significant jump in the number of publicly disclosed data breaches and compromised records.
What does the 2016 Breach Level Index Data show?
The good news is that the number of data breaches decreased by 4% from 2015; the bad news is that the number of compromised records increased by 86% from 2015. Out of all the data breaches, only 4.2% were “secure breaches” where encryption rendered the stolen data useless, a small uptick from 4% in 2015. In some of these instances, the password was encrypted but other information was left unencrypted, indicating that there is still progress needed to ensure a secure breach environment.
The healthcare industry made up a significant portion of the 2016 data breaches at 28%; however, it is one of the few sectors to experience a decrease in the number of compromised records, down 75% since 2015. Due to hacks involving social media, entertainment and email databases, the number of compromised records in the Technology and Other categories spiked. Technology, making up only 11% of breaches, had a 278% increase in compromised records from 2015. Lastly, the Other category, accounting for 13% of all data breaches, had a jump in the number of compromised records, up 300% from 2015.