Nearly 200 million data records were reported stolen during the first quarter of 2014, according to a new data breach report—a 233 percent increase over the same period in 2013. The most effective data thieves: “malicious insiders.”
At least once a week, it seems, there’s another headline about a major data security breach. Just this week it was AOL and Internet Explorer, and not long ago the entire internet community was put on alert about the Heartbleed bug.
“At the end of the day, there is not a magic strategy [for data security]; there is just thorough, well-thought-out planning.”
If those stories alone aren’t enough to send an organization scrambling to double-check its data management practices, a new report from information security firm SafeNet, Inc. [PDF], might do the trick. In a summary of public data collected for its Breach Level Index (BLI) from the first quarter of 2014, SafeNet reported that 254 incidents occurred that resulted in the loss or theft of over 200 million records, or the equivalent of about 93,000 records every hour during those months.
And those were just the breaches that were publicized.
“The white noise of data breach reporting makes every breach seem just as bad as the last, but this is certainly not the case,” SafeNet Chief Strategy Officer Tsion Gonen said in a statement. “Some organizations are handling customer data responsibly, and others are not.”
The summary showed that while malicious outsiders—an individual or group not affiliated with an organization—accounted for the largest number of incidents (62 percent), malicious insiders—an employee or individual who has access to sensitive material—were much more effective, accounting for just 11 percent of the total incidents but 52 percent of the total records stolen.
Other highlights from the report:
- South Korea suffered four of the top five breaches during Q1 2014, representing 79 percent of the 200 million records stolen. Seventy-eight percent (199 incidents) occurred in North America.
- Data breaches in the financial industry comprised only 14 percent of the total but accounted for 56 percent of all data records lost or stolen.
- The opposite was true for the healthcare industry, which accounted for 24 percent of the total number of breaches but just 9 percent of data records lost or stolen.
While this summary might be enough of a gut punch, data continues to roll in for the BLI, and the numbers are not getting any better. The number of records lost or stolen in April alone was over 218 million, more than the number from Q1. And the total number of records lost since the index was introduced last year is quickly closing in on 1 billion, currently sitting just north of 994 million.
“Data security is no longer just for large organizations with huge security budgets,” Trisha Paine, a senior product marketing manager for SafeNet, wrote in a blog post on the firm’s website. “At the end of the day, there is not a magic strategy; there is just thorough, well-thought-out planning.”
How has your association tackled the threat of a security breach? Share your story in the comments.