More than 370,000 sensitive personal records were exposed in data breaches during the month of January according to the latest monthly report from the Identity Theft Resource Center (ITRC). Nearly a third of the records were the result of a single breach at an insurance company based in Texas.
The ITRC maintains records of data breaches in five categories–banking/credit/financial, business, educational, government/military, and medical/health care. Exposed records are further divided into sensitive and non-sensitive totals. Non-sensitive data includes email-related credentials that are not considered to be personally identifiable information; sensitive records include such things as Social Security numbers, credit card information, and health records.
In January the ITRC reported that 7.6 million non-sensitive records were released in addition to 370,027 sensitive. In the largest breach, Centerstone Insurance and Financial Services, which does business under the name BenefitMall, reported that more than 111,000 emails containing personally identifiable information were targeted in a “data security incident.”
That single incident accounted for all the banking/credit/financial records exposed in January. The good news is that last January’s total for the month was 4.38 million exposed records, including 3.4 million credit card records at Jason’s Deli.
In the medical/healthcare category, 241,412 records were exposed in January, representing about 65% of all records exposed during the month. A Texas-based healthcare provider, Las Colinas Orthopedic Surgery & Sports Medicine, reported the theft of some 76,000 records.
The business category accounted for just 12,000 exposed records last month, 3.2% of the January total.
Educational institutions exposed 4,024 records in January, just 1.1% of the total for the month and government/military organizations exposes 1,002 records.
In 2018, a total of 446.5 million personally identifiable records were exposed, a year-over-year increase of 126%. Some 343 million of those records were exposed in a breach at Marriott International’s Starwood Resorts loyalty program records.