02/19/2014 (press release: bkouns) // Richmond, Virginia, USA // Barry Kouns
According to Risk Based Security, www.riskbasedsecurity.com, 2013 broke the previous all-time record for the number of exposed records caused by reported data breach incidents. The 2,164 incidents reported during 2013 exposed over 822 million records, nearly doubling the previous highest year on record (2011).
Although overshadowed by the number of exposed records, 2013 is also ranked #2 in total reported data breach incidents, just behind 2012. “When you analyze the data breach activity in 2013 it’s hard to find any bright-side,” said Barry Kouns, CEO of Risk Based Security. “Four of the “Top 10” largest data breaches all time were reported in 2013, including the top spot. “
Risk Based Security’s newly released 2013 Data Breach QuickView report shows that 71.2% of reported incidents were the result of external agents or activity outside the organization with hacking accounting for 59.8% of incidents and 72% of exposed records. Incidents involving U.S. entities accounted for 45.5% of the incidents reported and 66.5% of the records exposed.
The Data Breach QuickView report also revealed that individuals’ names, user names, passwords and email addresses were exposed in 37% of reported incidents, with passwords taking the top spot at 47.8% of all 2013 breaches. Taken together, this is more than enough information to commit identity fraud on a large scale.
“Another disturbing fact emerges when you analyze the 2013 data breaches,” added Kouns, “260 incidents involved organizations that have reported a data breach in the past, and sixty organizations reported multiple incidents in 2013. I would not want to be the one to explain that to stakeholders.”
Risk Based Security’s research suggests that organizations in all industries, regardless of size, should be on notice that they face a very real threat from security breaches and need every advantage to protect themselves. Timely, accurate and comprehensive threat intelligence can give organizations the edge they need not to show up in the 2014 data breach report.
About the Data Breach QuickView Report
The Data Breach QuickView report is possible through the partnership and combined resources of Risk Based Security and the Open Security Foundation. It is designed to provide an executive level summary of the key findings from RBS’ analysis of 2013’s data breach incidents. Contact Risk Based Security for your customized analysis of the 2013 data breaches. You can learn more about the 2013 Data Breach QuickView report here: https://www.riskbasedsecurity.com/2014/02/2013-data-breach-quickview/
About Risk Based Security, Inc.
Risk Based Security is a leading security and threat intelligence company providing the most timely, highest quality and most fully comprehensive vulnerability and data breach intelligence services available. RBS uses data intelligence for risk-based consulting and information security services including ISO/IEC 27001, SDL and our virtual YourCISO service.
For more information, please visit http://www.riskbasedsecurity.com/ or call 855-RBS-RISK.