Dedicated to providing the latest
HIPAA compliance news

2017 Data Breach Report Reveals 305% Annual Rise in Breached Records

Share this article on:

A 2017 data breach report from Risk Based Security (RBS), a provider of real time information and risk analysis tools, has revealed there has been a 305% increase in the number of records exposed in data breaches in the past year.

For its latest breach report, RBS analyzed breach reports from the first 9 months of 2017. RBS explained in a recent blog post, 2017 has been “yet another ‘worst year ever’ for data breaches.”

In Q3, 2017, there were 1,465 data breaches reported, bringing the total number of publicly disclosed data breaches up to 3,833 incidents for the year. So far in 2017, more than 7 billion records have been exposed or stolen.

RBS reports there has been a steady rise in publicly disclosed data breaches since the end of May, with September the worst month of the year to date. More than 600 data breaches were disclosed in September.

Over the past five years there has been a steady rise in reported data breaches, increasing from 1,966 data breaches in 2013 to 3,833 in 2017. Year on year, the number of reported data breaches has increased by 18.2%.

The severity of data breaches has also increased. In 2016, 2.3 billion records were exposed in the first 9 months of the year. In 2017, the figure jumped to 7.09 billion.

The majority of the exposed records in 2017 came from five breaches, which exposed approximately 78.5% of all the records exposed so far in 2017.

The breach at DU Caller exposed 2,000,000,000 records; the River City Media breach saw 1,374,159,612 records exposed; An unnamed web breach exposed 711,000,000 records; and the EmailCar breach saw 267,000,000 records exposed.

Those five breaches made the top ten list of the worst data breaches of all time, and were ranked as the 2nd, 3rd,  4th, and 9th worst data breaches of all time. With the exception of one breach in 2014, all of the top ten data breaches of all time have been discovered in 2016 (4) and 2017 (5).

While the above five breaches involved the most records, the most severe data breach of the year to date was the breach at Equifax, which exposed the records of 145,500,000 individuals. The breach only ranks in 18th place in the list of the worst data breaches of all time, but RBS rates it as the most severe data breach of 2017 due to the nature of data obtained by the hackers.

The main cause of 2017 data breaches, by some distance, was hacking. 1,997 data breaches were due to hacks, 433 breaches were due to skimming, phishing was behind 290 breaches, viruses caused 256 breaches, and 206 breaches were due to web attacks.

Web attacks may have come in at fifth place in terms of the number of breaches, but the attacks resulted in the greatest number of exposed records – 68.5% of the total. Hacking accounted for 30.9% of exposed records.

The business sector has been worst affected by data breaches in 2017, accounting for 68.5% of the total, followed by ‘unknown’ on 12.6%. Medical data breaches were in third place accounting for 8.5% of the total.

RBS reports that there have been 69 data breaches reported in 2017 that involved the exposure or more than a million records.

The Risk Based Security 2017 Data Breach Report can be viewed here.

Author: HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines.

Share This Post On