Security Experts:

Connect with us

Hi, what are you looking for?



1.4 Billion Records Compromised in 2016: Report

Nearly 1.4 billion records were compromised in 2016 as a result of roughly 1,800 data breaches, according to Gemalto’s latest Breach Level Index report.

Nearly 1.4 billion records were compromised in 2016 as a result of roughly 1,800 data breaches, according to Gemalto’s latest Breach Level Index report.

The company said the number of compromised records increased by 86 percent compared to the previous year. The report also shows that more than 1,000 incidents, or 59 percent of the total, involved theft of identity information, while nearly 30 percent involved financial and account data.

Data collected by Gemalto shows that 68 percent of data breaches were the work of malicious external hackers, while 19 percent of incidents were classified as accidental leaks. Malicious insiders accounted for 9 percent of breaches.

The most serious breaches mentioned in the report affected FriendFinder Networks (412 million records), the Philippines Commission on Elections (77 million records), DailyMotion (85 million records), Fling (40 million records), the Indian state of Kerala (34 million records), and Evony (33 million records).

The Yahoo breaches disclosed last year, which involved hundreds of millions of user records, were not taken into account due to the fact that the incidents occurred in 2013 and 2014. Based on the same logic, the Fling breach should have been excluded as well as it appears to have occurred in 2011.

Furthermore, the report also lists the “17” streaming app with 30 million records, but an analysis of the hackers’ claims showed that the actual number of compromised records was roughly 4 million.

According to Gemalto, the healthcare industry was hit the hardest in terms of the number of incidents, and accounted for more than a quarter of breaches. Other affected sectors are government (15%), retail (12%), financial services (12%), and technology (11%).

When it comes to the number of compromised records, the government and tech sectors take the lead with roughly 391 million records each.

As for the geographical distribution of affected organizations, 80 percent of the breaches catalogued by Gemalto affected the United States.

Gemalto breach level index

The company said more than 7 billion records were lost or stolen since 2013, which means that, on average, more than 4.5 million records are compromised every day. Of all the incidents known to Gemalto, only 4 percent involved efficient encryption that made the exposed data useless.

Risk Based Security reported in January that the total number of records exposed in 2016 was 4.2 billion, but the company also included the Yahoo, MySpace and other incidents that took place in previous years.

Related: Los Angeles County Notifies 756,000 of Data Breach

Related: Forged Cookie Attack Affected 32 Million Yahoo Users

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.