Q2 research released by the Identity Theft Resource Center (ITRC) shows the US is on track for a record-breaking year for data compromises, with 951 publicly reported incidents in the second quarter, a 114% increase on the previous three months, for a total of 1,393 data compromises. At this pace, 2023 could easily surpass the all-time annual high of 1,862 compromises in 2021.
ITRC CEO and president, Eva Velasquez, called the new stats “historic”, adding: “Since we started tracking data compromises in 2005, only the full years of 2017, 2021 and 2022 have exceeded the number of data events recorded in the first six months of 2023.”
Though the number of reported breaches increased significantly, the total number of impacted individuals so far dropped from 424 million in 2022 to 156 million this year.
- Data breaches: 99% of all incidents
- Cyber-attacks: 75%
- System and human error: 22%
- Supply chain attacks: 8% (14% of victims)
- The top industries affected: Healthcare & Financial Services
I have two comments for you. The first is from Stephen Gates, Principal Security SME, Horizon3.ai:
“The key takeaway here is that attackers have changed their TTPs in several ways beginning in mid-to-late 2022. Today, ransomware is the name of the game, but attackers have added a twist. In the past run-of-the-mill breaches, attackers were silently stealing PII so they could sell it to 3rd parties, who would then use the PII as part of their identity theft and fraud campaigns. Now, it appears the initial attackers want a bigger piece of the pie.
“What we are currently seeing across all industries is that attackers are gaining remote access like they always have. But now they are harvesting vast amounts of data and threatening organizations with data disclosure if they don’t pay up. What this does is prove attackers have, and are maintaining, remote access while staying under the radar of common detection approaches.
“If organizations refuse to pay to stop the data disclosure, attackers then proceed with the traditional ransomware campaign, locking up systems, encrypting data stores, and basically taking the organization offline. This acts as a double whammy.
“If organizations pay the first ransom to stop the data disclosure, will that stop the second threat of a full-scale ransomware takedown? I don’t think anyone knows the answer to that question. But the real key to thwarting all of this is to find the attack paths attackers are likely taking inside your network and fix them ASAP.”
Roy Akerman, Co-Founder & CEO, Rezonate, follows with this:
“The evolution of the everywhere enterprise, remote workforce, distributed architecture, public cloud and SaaS, alongside sophistication and profitable business models by attackers, creates a perfect storm and will continue to evolve. Digital transformation continues to increase the attack surface, as well as vulnerabilities and exposures arising as a result. Organizations must stay vigilant and prioritize security as a business goal, including CISOs becoming part of the board and management decision-making process.”
Consider this a warning that you have to do everything that you can to avoid being a statistic the next time that this report comes out.
US Data Breaches tracking to exceed all previous years
Posted in Commentary with tags ITRC on July 13, 2023 by itnerd