2017 Data Breaches Top 1,000, Up 24%

Print Email

The latest count from the Identity Theft Resource Center (ITRC) reports that there have been 1,002 data breaches recorded this year through September 12 and that more than 163 million records have been exposed since the beginning of the year. The incident total is 23.7% higher than at the same time last year.

In 2016, the ITRC reported a record total of 1,093 breaches and at the current pace that total could rise to around 1,500 in 2017.

This week’s data includes the 143 million records exposed in a breach at Equifax Inc. (NYSE: EFX). The credit reporting firm revealed the breach on September 7. This past Thursday the company admitted that it failed to fix a vulnerability — called Apache Struts — that had been discovered in March and that was exploited by the attackers.

According to a report at Darkreading.com, fixing the flaw in Apache Struts could be difficult and require significant amounts of rewriting, testing, and deploying an application. There are, however, workarounds that could have been implemented more easily and “given Equifax the time it needed to replace” vulnerable code.

The business sector leads all sectors in the number of records compromised so far in 2017 with more than 149 million exposed records in 527 incidents. That represents 52.6% of the incidents, and 91.2% of the exposed records so far this year. These totals include the Equifax breach.

The medical/healthcare sector has posted 26.3% (264) of all 2017 data breaches. The number of records exposed in these breaches totals over 4.2 million, or about 2.6% of the 2017 total.

The educational sector has experienced 98 data breaches since the beginning of the year. The sector accounts for 9.8% of all breaches for the year and more than 1.1 million exposed records, about 0.7% of the year’s total.

The government/military sector has suffered 49 data breaches to date in 2017, representing about 3.5% of the total number of records exposed and 4.9% of the incidents. More than 5.7 million records have been compromised in the government/military sector.

The number of banking/credit/financial sector breaches now totals 64, some 6.4% of the total incidents reported so far this year. More than 2.7 million records have been reported to be compromised in the incidents.

Since beginning to track data breaches in 2005, ITRC had counted 7,900 breaches through August 22, 2017, involving more than 1.05 billion records.