4,419 Data Breaches Exposed Over 4.2 Billion Records in 2016


A total of 4,149 reported data breaches last year exposed more than 4.2 billion records, according to Risk Based Security's 2016 Data Breach QuickView Report.

Ninety-four of those breaches exposed one million or more records each.

"While the number of data breaches actually remained relatively flat from last year, the big story coming out of 2016 is obviously the massive increase in the number of records exposed," Risk Based Security executive vice president Inga Goddijn said in a statement.

Breaches at FriendFinder Networks, Myspace and Yahoo accounted for over 2.2 billion of the compromised records.

Fifty-three percent of breaches were the result of hacking, predominantly caused by SQL injection. Notably, just 18.3 percent of data breaches were the result of insider activity, and just 1.6 percent of breaches were caused by stolen laptops.

"Another ongoing issue continues to be misconfigured databases and other inadvertent Web based disclosures, as they exposed over 253 million records in 2016," Goddijn said. "As criminals expand this same technique to additional technology we expect more of this activity to come in 2017."

The U.S. saw the greatest number of breaches at 1,971, followed by the U.K., with 204 breaches. Together, the U.S. and U.K. accounted for 52.4 percent of all breaches in 2016.

John Gunn, vice president of communications at VASCO Data Security, told eSecurity Planet by email that there are three significant factors to keep in mind when looking at the findings. "First, a massive number of the hackers that attack U.S. targets are based in Russia and coordinate attacks on the U.S. with involvement of the State, while the U.S. does not do the same," he said. "Second, some of the highest value assets are here in the U.S., so of course we are the subject of a magnitude greater number of attacks, some of which are successful. Third, it is likely that the reporting of successful attacks in some of the countries, such as Russia, is not accurate."

Separately, NTT Security's SERT Quarterly Threat Report for Q4 2016 found a significant increase in nation-state attacks, with evidence of state-sponsored actions identified in two thirds of 30 tracked industry verticals. At the same time, malicious traffic from Russian hosts jumped from 10th place to the top three.

The average length of time that cyber attacks remained undetected, according to the report, was 146 days.

"In compiling our latest Threat Intelligence Report, NTT Security analysts observed a 35 percent decrease in the number of cyber security attacks during Q4 2016, which is certainly a positive trends; however, it is imperative that organizations not be lulled into a false sense of security," NTT Security director of security research and strategy Rob Kraus said in a statement.

"At the same time, the intensity and sophistication of these attacks are on the rise," Kraus added. "Hackers are shifting their strategy from widespread attacks to a more focused effort to compromise specific targets they can leverage, opening the door for more malicious and potentially lucrative actions."