IBM today released research and intelligence reports on data breaches in the retail sector and trends for the Black Friday/Cyber Monday period.
According to the company, a total of more than 61 million retail records were stolen, lost or leaked in the United States last year, which is less than the over 70 million records compromised in 2013.
There have been several massive data breaches over the past years in which tens of millions of records had been compromised. The list includes The Home Depot (56 million records), Target (70 million records), Sony (12 million records leaked in the 2011 incident), Steam (35 million records), and TJX (100 million records).
If these incidents are removed from the equation and only breaches with less than 10 million lost records are taken into consideration, we see that the total number of compromised retail records has increased considerably since 2012.
While the number of compromised records has increased over the past years, IBM has determined that the number of breaches reported has decreased since 2012 by over 50%.
Since 2005, a large majority of retail breaches involved successful deployment of malware or the exploitation of an endpoint. Other methods of loss involved portable devices, stationary devices, unintended disclosure, payment card fraud, insiders, and physical loss, IBM said.
The report shows that most of the retail attacks observed by IBM in 2014 leveraged command or SQL injections. Many of the company’s customers also noticed attempts to exploit the ShellShock vulnerability, but the attacks were unsuccessful because IBM had warned them about the exploit three weeks before it was disclosed.
As far as Black Friday/Cyber Monday is concerned, the number of security attacks during this time period has been declining since 2012. However, experts have pointed out that major data breaches are not uncommon in this period. A perfect example are the Target breach from 2013 and the recent Sony Pictures Entertainment incident.
“The lower than average daily security attacks during this time can possibly be the result of attackers performing their dirty work earlier in the year to then reap the benefits during the holiday shopping frenzy. Often, attackers infiltrate targeted systems and then spend months stealthily collecting data before any announcement is made or the organization becomes privy to the compromise,” IBM said in its report.
Retail and wholesale were the most targeted industries last year. In 2012 and 2013, finance and insurance, information and communications, and manufacturing were the most targeted industries.
In the previous two years, malicious code was the primary attack method, but in 2014 unauthorized access took its place, accounting for roughly half of incidents, IBM noted in its report.
IBM reported that 10 breaches were disclosed during the period known as Black Friday through Cyber Monday in 2014, the same number as in 2010.
Additional details are available in the retail industry overview report and the holiday trends report.