The latest count from the Identity Theft Resource Center (ITRC) indicates that there have been 1,253 data breaches recorded this year through December 13 and that more than 172 million records have been exposed since the beginning of the year. The incident total is 20% higher than at the same time last year.
In 2016, the ITRC reported a record total of 1,093 breaches, and at the current pace that record could rise to more than 1,300 this year.
Security firm FireEye’s Mandiant subsidiary last week reported a malware attack against a safety system designed to protect critical infrastructure from failure. The firm’s researchers expressed “moderate confidence” that the attack came from a nation-state or an actor with state backing.
The malware, dubbed Triton by Mandiant, gained remote access to the safety systems and began attacking the system’s controllers. The attack likely was designed to cause physical damage to the controllers, but the attack triggered fail-safe mechanisms that shut down the industrial process.
The target country was not named, but reports suggested it was located in the Middle East and may have been Saudi Arabia. Our report contains more detail and links to the Mandiant report.
The business sector leads them all in the number of records compromised so far in 2017, with more than 157 million exposed records in 638 incidents. That represents 50.9% of the incidents and 91.3% of the exposed records.
The medical/health care sector has posted 28.3% (354) of all 2017 data breaches. The number of records exposed in these breaches totals more than 5 million, or about 2.9% of the 2017 total.
The educational sector has experienced 111 data breaches since the beginning of the year. The sector accounts for 8.9% of all breaches for the year and more than 1.1 million exposed records, about 0.7% of the year’s total.
The government/military sector has suffered 65 data breaches to date, representing about 3.4% of the total number of records exposed and 5.2% of the incidents in 2017. More than 5.8 million records have been compromised in the sector.
The number of banking/credit/financial sector breaches now totals 85, some 6.8% of the total incidents reported so far this year. More than 2.9 million records have been reported to be compromised in the incidents.
Since beginning to track data breaches in 2005, ITRC had counted 8,150 breaches through December 13, 2017, involving almost 1.06 billion records.