Connect with us

Hi, what are you looking for?


Data Protection

2,227 Breaches Exposed 6 Billion Records in First Half of 2017: Report

More than 6 billion records were exposed as a result of the 2,227 data breaches that were reported in the first six months of 2017, according to a new report from Risk Based Security.

More than 6 billion records were exposed as a result of the 2,227 data breaches that were reported in the first six months of 2017, according to a new report from Risk Based Security.

The number of publicly disclosed data compromise events through June 30 remained in line with the number of breaches disclosed mid-way through 2015 and 2016, but the total number of records exposed surpassed 2016’s year-end high mark.

The top 10 data breaches exposed 5.6 billion of the 6 billion records compromised, and had an average severity score of 9.82 out of 10.0, Risk Based Security’s report (PDF) reveals.

Data Breaches The United States registered by far the largest number of data breaches at 1,367, followed by the United Kingdom at 104, Canada at 59, India at 52, and Australia at 34. Overall, North America accounted for 64.2% of the breaches reported in the first half of 2017, while breaches involving U.S. entities accounted for 61% of incidents and 30% of the records compromised.

Although only 22 breaches happened in the country, China accounted for 48.83% of the records exposed (or 3,822,024,257), followed by the United States with 47.86% of them (or 3,746,193,334). India landed on the third position with 2.29% of the exposed records (or 179,055,018).

Hacking accounted for the largest number of incidents (927), followed by skimming (272) and phishing (253). Web (inadvertent online disclosure) accounted for 68.1% of the records exposed, while hacking only for 30.8% of them. Stolen computer compromise landed on the third position (0.9%) after a 55.1 million voter records were exposed following the theft of a computer from the COMELEC (Philippines Election Commission) offices.

Names were exposed the most following data breaches (40.6% of incidents), followed by email addresses (33.2% breaches), physical addresses (30.4%), passwords (28.0%), and Social Security numbers (26.1%). The percentage of incidents impacting Social Security numbers increased from 17.6% in 2016 to 26.1% in 2017, while that of breaches impacting Names increased from 36.1% to 40.6%.

While most incidents were the result of outside compromise (1,794), there was an increase in the number of breaches that resulted from insider activity compared to first quarter of the year: 16.0% vs 12.1%. Furthermore, insider activity accounted for most exposed records, as a single insider incident exposed over 2 billion records.

Advertisement. Scroll to continue reading.

The business sector was hit the most by data breaches during the first half of the year: organizations in this sector accounted for 56.5% of the breaches impacting data belonging to customers, clients or other 3rd parties (three of the largest breaches in the first half of 2017 impacted 3rd parties). The business sector accounted for 93% of the total records exposed.

According to Risk Based Security’s report, there was a 25% increase in the number of incidents targeting tax data, in the form of successful phishing attacks compromising W-2 data. However, as soon as the tax season ended, the number of phishing attacks declined. One incident involving Job Link Alliance resulted in the compromise of approximately 5.5 million job seekers’ names, addresses, dates of birth, and Social Security numbers.

The top severity breaches impacted DU Caller Group (2,000,000,000 user phone numbers, names and addresses exposed), NetEase, Inc. (hackers stole 1,221,893,767 email addresses and passwords), River City Media, LLC (1,374,159,612 names, addresses, IP addresses, and email addresses, and an undisclosed number of financial documents, chat logs, and backups exposed), and Deep Root Analytics (198,000,000 voter names, addresses, dates of birth, phone numbers, political party affiliations, and other demographic information).

Other high profile breaches impacted Edmodo (77,000,000 user email addresses, usernames, and bcrypt hashed passwords with salts stolen), EmailCar (267,693,854 email addresses and phone numbers exposed), Tencent Holdings Ltd (129,696,449 email addresses and passwords stolen), National Social Assistance Programme in India (135,000,000 Aadhaar numbers and 100,000,000 linked bank account numbers, as well as names, caste, religion, addresses, phone numbers, photographs, and assorted financial details leaked), Youku (91,890,110 user accounts with usernames, email addresses and MD5 encrypted passwords stolen), and Yahoo Japan (23,590,165 email addresses and passwords stolen).

“It is stunning to see the steady increase in the number of breaches impacting one million or more records. In the first six months of 2013, 2014 and 2015, the number of these large breaches hovered in the mid tens. Last year we saw that number jump to 28, and now, for the first six months of this year, we’re tracking 50 such incidents. Even more striking, in Q1 we had a new single largest breach disclosed, only to be replaced by yet another all-time largest breach in Q2,” Inga Goddijn, Executive Vice President for Risk Based Security, said.

Related: 4.2 Billion Records Exposed in Data Breaches in 2016: Report

Related: Number of U.S. Data Breaches Increased in 2016: Report

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.