Verizon: Data Breaches Rise, But Number Of Compromised Records Falls
You can call it a good news, bad news situation. According to a new report from Verizon, the number of U.S. organizations hit by data breaches in 2010 was higher than ever, but the number of records actually breached went down dramatically.
In its ’2011 Verizon Data Breach Investigations Report,’ the company counted 761 data breaches. But despite the figure, the number of compromised records involved in the breaches fell from 144 million in 2009 to only 4 million in 2010.
There are a number of ways to explain this discrepancy, Chris Porter, a principal for research and intelligence at Verizon, told CRN.
’One of the main reasons that we haven’t seen the large number of records breached we’ve seen in years past is that we haven’t seen one of those very, very large mega breaches,’ he said. ’In the last several years we’ve always had a few mega breaches where millions of records are stolen, and we just didn’t see that [last] year.’
A related factor may also be affecting the numbers -- some of the largest breaches during the past few years, such as the one impacting TJX Companies a few years ago, resulted in arrests.
With some of the people with the necessary skill set to perpetrate those mega breaches off the street, other attackers may have decided to go after low-profile targets, Porter said. For the first time, physical attacks such as compromising ATMs and point-of-sale terminals surfaced as one of the three most common ways to steal information, constituting 29 percent of all cases investigated.
Outsiders were the primary cause of the breaches according to the report, to the tune of 92 percent.
The report also found that the percentage of insider attacks decreased significantly in 2010 when compared to the previous year (16 percent versus 49 percent), something Verizon contends is due to a significant increase in smaller, external attacks.