Security Feature

Identity theft is the predominant way to commit cybercrime, and data breaches, along with the number of data records lost or stolen, are on the rise. New research from digital security specialists Gemalto (News - Alert) shows that despite global efforts to thwart cybercrime, hackers are still getting away with theft and fraud at an alarming rate.

The company has released its Breach Level Index (BLI) report for the first half of 2016, indicating there were 974 data breaches globally during that time period. That’s way up from the 766 reported breaches during that time period last year, with around 554 million data records also lost or stolen during the first part of this year, up 31 percent.

The numbers break down to roughly 35 data records being stolen or lost every second, with a whopping 52 percent of breaches achieved where the number of compromised records was simply unknown. Gemalto singled out the seven top breaches of 2016 so far, most of them identity theft, based on their assigned BLI score. The score takes into account how many records are exposed as well as the type of data within the records, along with the source of the breach and how the information was ultimately used.

The top identity theft breach was at Fling.com, an adult dating website infiltrated to expose 40 million personal records, which were put up for sale. Software company 17 Media’s site came in second, also with an identity theft breach that exposed 30 million records. The Philippines’ Commission on Elections was yet another identity theft target, losing 55 million records to the Anonymous Philippines hacker group. Other noteworthy breaches this year include the Mate1 dating site, Mexican voting records, website acquisition and development company VerticalScope and a large U.S. healthcare insurer’s database.

Additional findings from Gemalto include that most 2016 attacks thus far have been performed by malicious outsiders, followed by accidental loss, hacktivists and state-sponsored attacks. Attacks were mainly performed for identity theft, but also to gain financial or account access. Other types of attacks were categorized as nuisance attacks and existential data attacks. The healthcare industry was the biggest target for all attacks, followed by government, financial services, retail, education and the technology sector. And North America undoubtedly experienced the most attacks globally, with 79 percent of all incidents, followed by Europe at a mere nine percent.

The numbers show that data breaches remain a serious threat to businesses across the board, despite their best efforts to secure and encrypt their data. Gemalto suggests that businesses need to overhaul their entire mindset toward cybersecurity to effectively combat the onslaught of breaches, including the implementation of access control solutions, user authentication, sensitive data encryption and secure storage and management of all encryption keys.

Ultimately, organizations need to shift their mindset from “breach prevention” to “breach acceptance,” considering the sheer number of successful breaches happening today. This will enable companies to adopt a flexible and open approach to security breaches as threats continue to evolve and multiply.