Security Experts:

1.4 Billion Records Compromised in 2016: Report

Nearly 1.4 billion records were compromised in 2016 as a result of roughly 1,800 data breaches, according to Gemalto’s latest Breach Level Index report.

The company said the number of compromised records increased by 86 percent compared to the previous year. The report also shows that more than 1,000 incidents, or 59 percent of the total, involved theft of identity information, while nearly 30 percent involved financial and account data.

Data collected by Gemalto shows that 68 percent of data breaches were the work of malicious external hackers, while 19 percent of incidents were classified as accidental leaks. Malicious insiders accounted for 9 percent of breaches.

The most serious breaches mentioned in the report affected FriendFinder Networks (412 million records), the Philippines Commission on Elections (77 million records), DailyMotion (85 million records), Fling (40 million records), the Indian state of Kerala (34 million records), and Evony (33 million records).

The Yahoo breaches disclosed last year, which involved hundreds of millions of user records, were not taken into account due to the fact that the incidents occurred in 2013 and 2014. Based on the same logic, the Fling breach should have been excluded as well as it appears to have occurred in 2011.

Furthermore, the report also lists the “17” streaming app with 30 million records, but an analysis of the hackers’ claims showed that the actual number of compromised records was roughly 4 million.

According to Gemalto, the healthcare industry was hit the hardest in terms of the number of incidents, and accounted for more than a quarter of breaches. Other affected sectors are government (15%), retail (12%), financial services (12%), and technology (11%).

When it comes to the number of compromised records, the government and tech sectors take the lead with roughly 391 million records each.

As for the geographical distribution of affected organizations, 80 percent of the breaches catalogued by Gemalto affected the United States.

Gemalto breach level index

The company said more than 7 billion records were lost or stolen since 2013, which means that, on average, more than 4.5 million records are compromised every day. Of all the incidents known to Gemalto, only 4 percent involved efficient encryption that made the exposed data useless.

Risk Based Security reported in January that the total number of records exposed in 2016 was 4.2 billion, but the company also included the Yahoo, MySpace and other incidents that took place in previous years.

Related: Los Angeles County Notifies 756,000 of Data Breach

Related: Forged Cookie Attack Affected 32 Million Yahoo Users

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.