Data Breaches Remain Below 2014 Level
The latest account from the Identity Theft Resource Center (ITRC) reports that there has been a total of 629 data breaches recorded through October 27, 2015, and that nearly 176 million records have been exposed. The annual total includes 21.5 million records exposed in the attack on the U.S. Office of Personnel Management in June and 78.8 million health care customer records exposed at Anthem in February.
The U.S. Senate on Tuesday passed the Cybersecurity Information Sharing Act (CISA) by a margin of 74 to 21. The vote was applauded by some and criticized by others. Sharing data quickly with the federal government and other businesses in the event of a hacking attack is viewed by supporters of the legislation as its major strength.
Opponents of the bill believe the legislation over-shares user information and risks creating a backdoor method of wiretapping by allowing the sharing and use of cyber threat indicators for a large number of law enforcement purposes that are not at all related to cybersecurity.
The U.S. House of Representatives already has passed two similar bills that must now be reconciled with the Senate version. The White House has expressed support for all three versions, though with some reservations about all of them as well.
Here is a rundown of the ITRC report for last week:
- The business sector accounts for about 16 million exposed records in 243 incidents so far in 2015. That represents 38.6% of the incidents and 9.2% of the exposed records.
- The medical/health care sector posted the second-largest percentage of the total breaches so far this year, 35.6% (227) out of the total of 629. The number of records exposed in these breaches totaled nearly 120 million, or 68.3% of the total so far in 2015.
- The number of banking/credit/financial breaches totals 60 for the year to date, unchanged from the prior week, and involves more than 5 million records, some 9.5% of the total number of breaches and 2.9% of the records exposed.
- The government/military sector has suffered 50 data breaches so far this year, up by two from the prior week, representing 7.9% of the total and about 19.3% of the total number of records exposed so far this year. Nearly 34 million records have been compromised in the government/military sector to date in 2015.
- The educational sector has seen 49 data breaches in 2015, unchanged for the past four weeks. The sector accounts for 7.8% of all breaches for the year and over 750,000 exposed records, about 0.4% of the total so far in 2015.
In all of 2014, ITRC tracked an annual record number of 783 data breaches, up 27.5% compared with 2013. The previous high was 662 breaches in 2010. Since beginning to track data breaches in 2005, ITRC had counted 5,593 breaches through September 22, 2015, involving nearly 829 million records. Compared with 2014, the number of data breaches to date in 2015 is down by 14 (2.2%) from 643 recorded to the same date last year.