First Quarter 2014 Exposes 176 Million Records – Troubling Trend Of Larger, More Severe Data Breaches Continues

[Audrey McNeil <audrey () riskbasedsecurity com>]

https://www.riskbasedsecurity.com/2014/05/first-quarter-2014-exposes-176-million-records-troubling-trend-of-larger-more-severe-data-breaches-continues/

We are pleased to announce the release of the next installment of Risk
Based Security’s Data Breach QuickView report. Analysis of data compromise
activity for Q1 2014 shows that, while the number of incidents taking place
remains comparable to Q1 2013, the number of records lost per incident is
on the rise. The total number of records exposed in the first quarter of
2014 exceeded 176 million – or roughly a 46% increase compared to the
number of records loss in Q1 2013.

“It’s difficult to say whether security is deteriorating, bad actors are
getting better or some combination of both.” said Inga Goddijn, Managing
Director of Insurance Services of Risk Based Security. “What we do know is
that there have been eight events in the past six months that have involved
the compromise of at least 10 million records per event and the trend is
continuing with the most recent revelations at eBay.”

The report also highlights the continuing trend of targeting user names,
e-mail addresses, and passwords. Although this type of information in and
of itself typically doesn’t hold the same value as Social Security or
credit card numbers, this data can be the keys to opening up the doors that
access more valuable information. The continued focus on this type of data
may be indicative of more complex or better-planned attacks currently
happening involving third-parties and on the horizon.

Another disturbing trend is the rate of repeat events at the same
organization. Goddijn added, “when analyzing the full data set, we can see
that 97 organizations that reported a data breach in the first quarter of
2014 had also reported a breach in the past. In addition, three of these
organizations had multiple breaches in the first quarter of this year.”

Risk Based Security’s research continues to show that all organizations,
regardless of size, industry, or location, are at risk for a breach. Our
security advisers and CISOs recommend business leaders take an active role
in the continuous evaluation and improvement of the organization’s
information security management system. Timely, accurate, and comprehensive
vulnerability and threat intelligence can give organizations the edge they
need not to show up in the next data breach report.

You can view the 2013 Data Breach QuickView report here:

http://www.riskbasedsecurity.com/reports/2014-1QDataBreachQuickView.pdf

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!