Cyber criminals compromised more than a billion data records in 2014 in more than 1,500 breaches, according to the latest breach report from Gemalto.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
This represents a 49% increase in data breaches and a 78% increase in the number of data records stolen or lost compared with 2013, which works out at 32 records lost or stolen every second.
The most data breaches were in North America (76%), followed by Europe (12%), and the Asia-Pacific region (8%).
The UK had the highest number of breaches in Europe with 117 incidents, followed by France (9), Ireland (8), Germany (7), Netherlands (6), Belgium (5), and Russia and Italy, with 3 incidents each.
According to security experts, the UK is one of the most highly targeted countries in the world because of the large number of financial institutions based in London.
More on data breaches
- Sony data breach claims first scalp as co-chair steps down
- Five questions every board should ask after Sony Pictures breach
- Information Commissioner's Office issues warning to Office shoe retailer over data breach
- Obama calls for single US data breach notification law
- Finance and retail applications most vulnerable to breaches
The BLI provides a methodology for security professionals to score the severity of breaches and see where they rank among publicly disclosed breaches.
According to data in the BLI, the main motivation for cyber criminals in 2014 was identity theft with 54% of the all data breaches being identity theft-based.
Identity theft breaches accounted for one-third of the most severe data breaches categorised by the BLI as either “catastrophic” or “severe”.
The most severe breaches in 2014 were at Home Depot (109 million records), JP Morgan Chase (83 million records), eBay (145 million records) and Korea Credit Bureau (104 million records).
Encouragingly, “secure breaches” – where perimeter security was breached but compromised data was encrypted in full or in part – increased to 4% from just 1% in 2013.
Cyber criminals shift tactics to long-term identity theft
Gemalto vice-president of strategy for identity and data protection Tsion Gonen said there is a clear shift in the tactics of cyber criminals, with long-term identity theft becoming more of a goal.
"Identity theft could lead to the opening of new fraudulent credit accounts, creating false identities for criminal enterprises, or a host of other serious crimes," he said. "As data breaches become more personal, we're starting to see that the universe of risk exposure for the average person is expanding.”
As data breaches become more personal, we're starting to see that the universe of risk exposure for the average person is expanding
Tsion Gonen, Gemalto
The data shows breaches became more severe in 2014, with the year accounting for two-thirds of the 50 most severe breaches to date according to their BLI score.
Also, the number of data breaches involving more than 100 million compromised data records doubled compared with 2013.
In terms of industries, retail and financial services experienced the most noticeable trends compared with other industry sectors in 2014.
While retail experienced only a slight increase in data breaches, accounting for 11% of all data breaches in 2014, the retail industry’s share of data records compromised increased to 55% compared with 29% in 2013 due to an increased number of attacks that targeted point-of-sale systems.
For the financial services sector, the number of data breaches remained relatively flat year over year, but the average number of records lost per breach increased 10-fold to 1.1 million from 112,000 in 2013.
"Not only are data breach numbers rising, but the breaches are becoming more severe," said Gonen.
"Being breached is not a question of 'if' but 'when'. Breach prevention and threat monitoring can only go so far and do not always keep the cyber criminals out,” he said.
Organisations need data-centric view of threats
According to Gonen, companies need to adopt a data-centric view of digital threats starting with better identity and access control techniques such as multi-factor authentication and the use of encryption and key management to secure sensitive data.
“That way, if the data is stolen it is useless to the thieves,” he said.
The most common type of source were malicious outsiders, who were involved in 854 breaches, or 55% of the total.
It’s a bit perplexing that so many breaches could be caused by accident, and shows that companies need to do a better job of preventing mishaps that can lead to data loss
Gemalto breach report
“Clearly, this is by far the biggest threat organisations face today in terms of potential loss of data,” the Gemalto report said.
The next type of source, responsible for about one-quarter of the breaches, was accidental loss. This caused 380 of the data breaches. In 2013, accidental loss accounted for 27% of the breaches.
“It’s a bit perplexing that so many breaches could be caused by accident, and shows that companies need to do a better job of preventing mishaps that can lead to data loss,” the report said.
Malicious insiders were the next most common source, responsible for 229 breaches. That was 15% of the total, up from 13% in 2013.
Next were state-sponsored attackers, who carried out 56 of the breaches – or 4% – in 2014.
“While it’s a small percentage of the total, these sources increased from less than 1% in 2013. This is likely to be a continuing trend, as countries launch hacks against each other for political, economic, retaliatory or other reasons,” the report said.
Hacktivists were the sources of just 1% of the attacks, down from 2% the year before.
The Breach Level Index indicates that data breaches have been increasing in frequency and size over the past couple of years.
“So by definition, breach prevention is an irrelevant strategy for keeping out cyber criminals,” the report said. It recommended organisations ensure they control access and authentication of users, encrypt all sensitive data at rest and in motion, and securely manage and store all encryption keys.