The latest count from the Identity Theft Resource Center (ITRC) reports that there have been 353 data breaches recorded this year through March 21, 2017, and that over 1.3 million records have been exposed since the beginning of the year. The total represents a 56% increase to date compared with 2015.
On Wednesday, New York Attorney General Eric Schneiderman reported that nearly 1,300 data breaches occurred in the state last year and that those incidents exposed personal records of some 1.6 million of the state’s residents. The number of incidents was up 60% year over year and the number of exposed records tripled.
The exposed records consisted “overwhelmingly” of Social Security numbers and financial account information. The AG’s office attributed the release of the personal data primarily to hacking (40%) and inadvertent disclosure (24%). Employee negligence — a combination of inadvertent disclosure, insider wrongdoing and lost devices or media — accounted for 37% of all breaches, nearly as much as hacking.
The medical/health care sector leads all sectors in the number of records compromised so far in 2017. The sector has posted 22.9% (81) of all data breaches. The number of records exposed in these breaches tops 745,000, or about 57.1% of the 2017 total.
The business sector accounts for more than 475,000 exposed records in 187 incidents. That represents 53% of the incidents and 36.4% of the exposed records so far in 2017.
The educational sector has experienced 58 data breaches since the beginning of the year. The sector accounts for 16.4% of all breaches for the year and more than 40,000 exposed records, about 3.1% of the year’s total.
The government/military sector has suffered 20 data breaches to date in 2017, representing about 3.4% of the total number of records exposed and 5.7% of the incidents. More than 44,000 records have been compromised in the government/military sector.
The number of banking/credit/financial sector breaches now totals seven, just 2% of the total incidents reported so far this year. No records have been reported to be compromised in the seven incidents.
Since beginning to track data breaches in 2005, ITRC had counted 7,252 breaches through March 21, 2017, involving about 889 million records.