Data Breaches Exposed 4.2 Billion Records In 2016

The 4,149 data breaches reported in 2016 shattered the all-time high of nearly 1 billion exposed records in 2013.

Kelly Sheridan, Former Senior Editor, Dark Reading

January 25, 2017

3 Min Read
Dark Reading logo in a gray background | Dark Reading

Over the past year, 4,149 data breaches compromised more than 4.2 billion records, shattering the previous all-time high of about 1 billion exposed records in 2013.

This finding comes from the 2016 Data Breach QuickView report, released January 25 by Risk Based Security (RBS). Researchers discovered the number of data breaches was fairly consistent between 2015 and 2016, but their severity skyrocketed. 

In 2016, there were 94 reported incidents exposing at least one million records each, and 37 incidents exposing ten million or more records. Compared with 2015, this marks an increase of 63% and 105%, respectively.

It didn't take many breaches to compromise a record-breaking amount of customer information. The top ten breaches of 2016, which included nine hacks and one web breach, led to the exposure of a combined three billion records.

RBS discovered businesses accounted for 51% of reported breaches, surpassing unknown (23.4%), government (11.7%), medical (9.2%), and education (4.7%) industries. Most (80.9%) exposed records also came from the business sector.

The number of breaches by industry sector roughly corresponds with economic activity, explains Inga Goddijn, EVP of Risk Based Security. RBS has the largest central collection of publicly disclosed breaches, she continues, which provides a broad view into where incidents happen.

"What our data shows is that really, no industry is immune to data loss," Goddijn says. "Any organization that has sensitive data -- which is every organization with employees or confidential business information -- can be a target."

Findings from the RBS data breach study are supported by further research from the Online Trust Alliance (OTA), which today released its 2017 Cyber Incident & Breach Response Guide. "Cyber incident" encompasses events including corporate data loss, ransomware, unreported breaches, and incidents not involving covered information.

OTA concluded there were about 82,000 cyber incidents in 2016, affecting 225 organizations around the world each day. However, given that the majority of cyber incidents go unreported, it believes the actual number of annual events could exceed 250,000.

Businesses can learn from the consequences of high-profile attacks. Aside from financial loss, organizations are vulnerable to security threats and reputational damage. The OTA report cites research from the Internet Society, which discovered 59% of users would likely not do business with a company that had suffered a data breach.

While some incidents are unavoidable no matter how strong your security, many can be stopped with the right measures. OTA found more than 90% of cyber incidents could have been prevented.

The threat of data breaches will continue to grow so long as hackers' motivations remain the same, says Goddijn.

"As long as there is money to be made out of unauthorized access and data theft, malicious actors will continue to refine and improve their attack methods," she explains. "The wave of targeted phishing scams, seeking W2 details, that took place early in the first part of the year is a good example."

Phishing is not a new business threat, she says, but scammers successfully refined their approach by targeting HR personnel during the height of tax data preparation season. More than 100 companies and their employees were victims of this type of attack, which led to data being used in fake tax return schemes.

"Early indications look as if we might see a repeat of this in 2017," Goddijn notes. "We've already captured half a dozen such events this year and expect more to follow in the coming months."

While it's difficult to predict the future, Goddijn is "certain" data breaches will continue. It's no longer enough for busiensses to solely focus on prevention.

"Given where we are with the state of breach activity today, organizations need to also be thinking about response and recovery as integral components of security management," she says.

Related Content

About the Author

Kelly Sheridan

Former Senior Editor, Dark Reading

Kelly Sheridan was formerly a Staff Editor at Dark Reading, where she focused on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial services. Sheridan earned her BA in English at Villanova University. You can follow her on Twitter @kellymsheridan.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights