Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Number of U.S. Data Breaches Increased in 2016: Report

The number of data breaches disclosed by organizations in the United States has increased by 40 percent in 2016 compared to the previous year, according to a report released on Thursday by CyberScout (formerly IDT911) and the Identity Theft Resource Center (ITRC).

The number of data breaches disclosed by organizations in the United States has increased by 40 percent in 2016 compared to the previous year, according to a report released on Thursday by CyberScout (formerly IDT911) and the Identity Theft Resource Center (ITRC).

ITRC has counted 1,093 breaches and more than 36 million exposed records across sectors such as financial, business, education, government and military, and healthcare. While this is an all-time record high and a significant increase from the 780 breaches reported in 2015, experts believe this upwards trend is also due to more states disclosing incidents on their websites.

It’s also worth noting that while 36 million records might not seem much, ITRC has pointed out that half of the breach notifications did not disclose the number of exposed records.

Nearly half of the data breaches disclosed last year affected the business sector (494), followed by healthcare (377), education (98), government (72) and financial (52). Hacking, phishing and skimming attacks, including business email compromise (BEC) schemes, accounted for more than 55 percent of incidents.

Data breach trends

ITRC has determined that at least 52 percent of the breaches reported in 2016 involved social security numbers and 13 percent involved payment cards. While the number of incidents exposing credit and debit cards has decreased compared to 2015, exposure of SSNs increased by 8.2 percent.

“More than half of the breaches reported by the ITRC included the skeleton key to our lives: the Social Security number. This trend, which has accelerated since 2015— when just four breaches exposed over 120 million Social Security numbers to state-sponsored hackers and cyber criminals— represents the point of no return for millions of Americans,” said Adam Levin, Chairman and Founder of CyberScout. “While credit and debit card numbers can be changed, SSNs cannot. Therefore, monitoring and damage control become even more important than ever before.”

The complete list of breached organizations and information on each incident are available in ITRC’s 2016 Data Breach Report.

Related Reading: Breach Detection Time Improves, Destructive Attacks Rise

Advertisement. Scroll to continue reading.

Related Reading: Over 700 Million Data Records Compromised in 2015

Related Reading: 400,000 Records Exposed in Michigan State University Breach

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...