The latest count from the Identity Theft Resource Center (ITRC) indicates that there have been 1,293 data breaches recorded this year through December 20 and that more than 174 million records have been exposed since the beginning of the year. The incident total is 21% higher than at the same time last year.
In 2016, the ITRC reported a record total of 1,093 breaches, and at the current pace that record could rise to more than 1,300 this year.
Over at Brian Krebs’s website, there’s an interesting story on the market for stolen account credentials. In light of the massive exposure of personal data earlier this year at Equifax and the announcement last week of another huge exposure of personal data, the article at KrebsOnSecurity explains the value of this kind of data both to the thief and to the criminals who purchase the data.
Krebs shows a screen shot indicating that one thief earned about $288,000 in the first seven months of this year from the sale of more than 35,000 stolen credential pairs at an average price of $8.19 per credential.
The overall average for more than 200 different e-commerce and banking sites is about $15 per credential. A credential pair from AT&T wireless, along with access to the victim’s email inbox, sells for $30.
Why do cybercriminals steal personal information? Because that’s where the money is.
The business sector leads them all in the number of records compromised so far in 2017, with more than 159 million exposed records in 653 incidents. That represents 50.5% of the incidents and 91.4% of the exposed records so far this year.
The medical/health care sector has posted 28.3% (366) of all 2017 data breaches. The number of records exposed in these breaches totals nearly 6 million, or about 2.9% of the 2017 total.
The educational sector has experienced 114 data breaches since the beginning of the year. The sector accounts for 8.8% of all breaches for the year and more than 1.1 million exposed records, about 0.7% of the year’s total.
The government/military sector has suffered 68 data breaches to date in 2017, representing about 3.3% of the total number of records exposed and 5.3% of the incidents. More than 5.8 million records have been compromised in the sector.
The number of banking/credit/financial sector breaches now totals 92, some 7.1% of the total incidents reported so far this year. More than 2.9 million records have been reported to be compromised in the incidents.
Since beginning to track data breaches in 2005, ITRC had counted 8,190 breaches through December 20, 2017, involving almost 1.06 billion records.