A major nonprofit has warned that this year could set another record for data breaches after 951 publicly reported incidents in the second quarter.
The Identity Theft Resource Center (ITRC) has tracked publicly reported data breaches and breaches since 2005.
The total number of data breach events in the first half of this year is 1,393, even though Q2 2023 numbers are 114% higher than the last three months. That’s higher than all but one of the years 2005-2020 combined, according to the ITRC.
It is also expected to surpass the all-time high of 1,862 breaches recorded in 2021 in 2023.
Read more from the ITRC: Identity crime to remain at record high in 2022
H1 2023 figures represent a 153% year-over-year increase, with breach notifications affecting a staggering 156 million individuals. While this falls well short of his 424 million affected by his 2022 data event, the numbers are worrying for security teams.
The majority (99%) of incidents in this half year were due to breaches, with only 12 recorded data breaches. Cyberattacks accounted for 75%, and “system and human errors” accounted for 22% of the total.
Supply chain attacks accounted for 8% of all data breach incidents and 14% of victims.
Healthcare was the top industry affected by the incident, followed by financial services.
However, the number of data breaches without actionable information on the root cause of the breach increased 67% to 534 in the first half of 2023. The ITRC laments this trend, arguing that opacity on the part of compromised organizations undermines the ability of affected organizations. Parties can make informed decisions about what actions to take after an incident.
ITRC CEO and president Eva Velázquez called the new stats “historic” and urged network defenders to remain focused.
“Since we started tracking data breaches in 2005, only the full years of 2017, 2021 and 2022 have surpassed the number of data events recorded in the first six months of 2023,” she said. explained.
“Businesses and individuals may be numb to the constant attacks and scams that lead to breaches, but they remain diligent and have a good reputation to ensure that stolen or exposed information is useless to identity criminals. It is important to practice good cyber hygiene.”
