Data Breach Statistics by Year, Industry, Source, More

Data records are lost or stolen at the following FREQUENCY

Every Day

Records

Every Hour

Records

Every Minute

Records

Every Second

Records

2018: Data Privacy and New Regulations Take Center Stage

A number of important data breach trends emerged in the first half of 2018. One of the most notable of these developments was the introduction of new data protection regulations including the European Union's General Data Protection Regulation (GDPR), New York's Cybersecurity Requirements for Financial Services Companies and Australia's Notifiable Data Breach (NDB) scheme. The rationale behind passing these standards is to help organizations better protect customers' privacy and security by design. In terms of data breach sources, malicious outsiders and accidental loss were at the top of the list in the first half of 2018. Those forces accounted for some of the biggest security incidents.

Overall, the total number of records compromised in the first half of 2018 was 3,353,172,708. That figure marks an increase of 72 percent over H1 2017. Not surprisingly, the amounts of records breached every day, hour, minute and second also surpassed the totals observed a year earlier. What is remarkable is that all of these figures almost doubled between 2017 and 2018. Surprisingly, there were just 944 security incidents reported in the first half of 2018. That's 18 percent fewer than the 1,162 breaches disclosed in H1 2017. Of those incidents, there were just 21 data breaches where encryption was reportedly used on the data in whole or in part, less than half the figure for the previous year.

Access 2018 First Half Report

Total Records Lost by Month

Data Records Stolen or Lost by Industry

Shows percentage of total records, hover over pie chart for record totals.

CyberVor records not included as affected industries are unknown.

Industry Breach Details

From an industry perspective, social media witnessed the greatest number of compromised records in H1 2018 at 2.5 billion. That's a massive increase from the previous year. There were a few other industries where the number of breached accounts increased by more than a thousand percent: Industrial saw the highest growth rate, while retail and professional services also had big increases. Other sectors experienced more modest growth in either the number of compromised records or security incidents. Those included hospitality, technology, and insurance. During the same reporting period, Healthcare declined in both the number of security incidents and breached records. Organizations in government, education, entertainment, financial services and the non-profit sector all saw between 50 percent and 100 percent fewer breached records in H1 2018.

Access 2018 First Half Report

Number of Breach Incidents By Source

Source of data breaches causing problems can vary.

Source of Breach Details

No other source of data breaches came close to malicious outsiders in the first half of 2018. The number of records exposed by external attackers rose by more than 800 percent to over 2.4 billion records breached. Such growth defied the 38 percent decline in the total number of incidents involving malicious outsiders to 529 events. The number of files exposed by accidental loss dropped by 47 percent to drop below 900 million, making it the second leading data breach source for 2018 with 318 incidents. Hacktivists compromised fewer records and were responsible for fewer incidents in H1 2018, with 23 incidents, representing a 1,050 percent increase over the previous year, the number of records compromised grew from 70,000 to more than 13 million. Malicious insiders incidents were down 45 percent at just 61, while compromised records decreased 60 percent to just over 12 million.

Access 2018 First Half Report

Number of Breach Incidents By Type

Attackers use a variety of techniques against organizations.

Identity Theft63.59%
Financial Access14.09%
Account Access14.02%
Nuisance7.31%
Existential Data1.00%

Identity Theft69.62%
Financial Access15.80%
Account Access6.78%
Existential Data4.84%
Nuisance2.96%

Identity Theft63.01%
Financial Access17.56%
Account Access9.11%
Nuisance5.41%
Existential Data4.91%

Identity Theft54.29%
Financial Access22.03%
Account Access10.45%
Existential Data9.43%
Nuisance3.80%

Identity Theft54.00%
Financial Access17.37%
Nuisance9.83%
Account Access9.78%
Existential Data9.03%

Identity Theft59.24%
Financial Access15.74%
Account Access11.52%
Nuisance9.20%
Existential Data4.31%

Identity Theft60.80%
Financial Access17.28%
Account Access10.02%
Nuisance6.12%
Existential Data5.77%

Type of Breach Details

Identity theft was once again the most prevalent data breach type tracked by BLI. It accounted for almost 3 billion compromised records - approximately 83 percent of the accounts breached in H1 2018, a massive growth of 757 percent over the previous year. The number of incidents decreased by more than a quarter to 609. Financial access breaches increased its reach by more than 13,000 percent, across just 123 incidents, representing a drop by 28 percent over H1 2017. Account access had a more modest gain of 161 percent, while the number of incidents also increased by 124 percent to 166. Nuisance plunged nearly 100 percent in breached records to 1,694,029 in 37 incidents, a rate of loss almost identical for existential data, with only 11 records across 9 incidents.

Access 2018 First Half Report

A Geographic View

Hover over map points to display total records breached by location.

Date Range: 2013 - Present

World Map

Download 2018 First Half Infographic

Secure the Breach

This brief video will introduce a new perspective in accepting that a breach will happen; we call this Breach Acceptance. When companies adopt the Secure the Breach mindset, they will fundamentally change the way they protect their organization by securing the real target of attacks -- the data -- rather than securing the vector.
A New Mindset

Breach Risk Calculator

How bad might a breach be if it did happen to you? Calculate your own risk score and breach severity using the Breach Level Index. Provide a few inputs as to the number of records that could be affected, and the type and source of breach possibilities. The score is calculated based on these factors, and how the stolen information was used. The point of the scoring system is to demonstrate that not all breaches have the same impact on organizations or the same amount of risk. Use your score to gauge the breach severity and see how to your organization can better prepare for a breach.

Calculate Your Score

About the BREACH LEVEL INDEX

Breaches are no longer a binary proposition where an organization either has or hasn't been breached. Instead they are wildly variable — having varying degrees of fallout — from breaches compromising entire global networks of highly sensitive data to others having little to no impact whatsoever.

Not all breaches are created equal.

The Breach Level Index not only tracks publicly disclosed breaches, but also allows organizations to do their own risk assessment based on a few simple inputs that will calculate their risk score, overall breach severity level, and summarize actions IT can take to reduce the risk score.
Read Overview

Data Breach Statistics

Data Records Lost or Stolen Since 2013

ONLY

Data records are lost or stolen at the following FREQUENCY

Every Day

Records

Every Hour

Records

Every Minute

Records

Every Second

Records

2018: Data Privacy and New Regulations Take Center Stage

Total Records Lost by Month

Data Records Stolen or Lost by Industry

Industry Breach Details

Number of Breach Incidents By Source

Source of Breach Details

Number of Breach Incidents By Type

Type of Breach Details

A Geographic View

Secure the Breach

Breach Risk Calculator

About the BREACH LEVEL INDEX