Sign Up
All SecurityCyber-crimePatchesResearchCSO
All Off-PremEdge + IoTChannelPaaS + IaaSSaaS
All On-PremSystemsStorageNetworksHPCPersonal TechCxOPublic Sector
All SoftwareAI + MLApplicationsDatabasesDevOpsOSesVirtualization
All OffbeatDebatesColumnistsScienceGeek's GuideBOFHLegalBootnotesSite NewsAbout Us

Security

More data lost or stolen in first half of 2017 than the whole of last year

That's 1.9 BEEELLION records – and just you wait till GDPR

John Leyden Wed 20 Sep 2017  //  09:58 UTC

More data records were leaked or stolen by miscreants during the first half of 2017 (1.9 billion) than all of 2016 (1.37 billion).

Digital security company Gemalto's Breach Level Index (PDF), published Wednesday, found that an average of 10.4 million records are exposed or swiped every day.

During the first half of 2017 there were 918 reported data breaches worldwide, compared with 815 in the last six months of 2016, an increase of 13 per cent. A total 22 breaches in Q1 2017 included the compromise, theft or loss of more than a million records.

Gemalto estimates less than 1 per cent of the stolen, lost or compromised data used encryption to render the information useless.

Malicious outsiders (cybercriminals) made up the largest single source of data breaches (74 per cent) but accounted for only 13 per cent of all stolen, compromised or lost records. While malicious insider attacks only made up 8 per cent of all breaches, the amount of records compromised was 20 million, up from 500,000 in the previous six months.

North America still makes up the majority of all breaches and the number of compromised records, both above 86 per cent. The number of breaches in North America increased by 23 per cent with the number of records compromised increasing threefold (up 201 per cent).

Traditionally, North America has always had the largest number of publicly disclosed breaches and associated record numbers, although this may change somewhat next year when global data privacy regulations like the European General Data Protection Regulation (GDPR) and Australia's Privacy Amendment (Notifiable Data Breaches) Act come into play.

Europe only had 49 reported data breaches (5 per cent of all breaches), a 35 per cent decline from the six months before.

The UK had the second highest number of reported incidents after the US, with 40 (down from 43). A total of 28,331,861 data records were compromised in the UK in H1 2017 (up 130 per cent from H2 2016).

Half of data incidents in the UK involved a malicious outsider (50 per cent), with 38 per cent attributed to accidental loss. Two-thirds of the breaches in the UK are classified as identity theft (65 per cent).

Government was the single biggest source of security incidents with 12 in H1 2017, ahead of technology firms (seven) and healthcare (six).

The Breach Level Index, which has been running since 2013, benchmarks publicly disclosed data breaches.

As new regulations such as the UK's Data Protection Bill and GDPR come into effect, the numbers of disclosed breaches could skyrocket. ®
Send us news
15 Comments

Lawsuit accuses Grindr of illegally sharing users' HIV status

LGBTQ+ dating app's maker previously denied selling sensitive user data

US House approves FISA renewal – warrantless surveillance and all

PLUS: Chinese chipmaker Nexperia attacked; A Microsoft-signed backdoor; CISA starts scanning your malware; and more

US legislators propose American Privacy Rights Act - and it looks quite good

After two decades of calls for national protections, something may actually happen

96% of US hospital websites share visitor info with Meta, Google, data brokers

Could have been worse – last time researchers checked it was 98.6%

Google cools on cookie phase-out while regulators chew on plans

Privacy Sandbox slips into 2025 after challenges from UK authorities

AT&T admits massive 70M+ mid-March customer data dump is real though old

Still claims the personal info wasn't stolen from its systems

If Britain is so bothered by China, why do these .gov.uk sites use Chinese ad brokers?

One wonders why are there adverts on public-sector portals at all

Europol now latest cops to beg Big Tech to ditch E2EE

Don't bore us, get to the chorus: You need less privacy so we can protect the children

185K people's sensitive data in the pits after ransomware raid on Cherry Health

Extent of information seized will be a concern for those affected

Academics probe Apple's privacy settings and get lost and confused

Just disabling Siri requires visits to five submenus

FYI: This site claims to have harvested 4B+ Discord chats, today all yours for a price

Of course there's an enterprise plan for the Feds and AI trainers

White House tweaks HIPAA to shield medical files of those seeking reproductive care

In theory, this should make it harder for states to compel data-sharing to enforce anti-abortion laws