From Adidas (two million records compromised) to Facebook (up to two billion accounts scraped), 2018 has seen more than its fair share of massive global data breaches – with customer data protection vividly in the spotlight since GDPR took effect on May 25 and as a raft of social media breaches focusses attention on compliance.
Now a new report by digital security specialists Gemalto reveals that 945 data breaches led to a staggering 4.5 billion data records being compromised worldwide in the first half of 2018, with the total number of breaches down year-on-year — but the number of records compromised up 133 percent as the severity of incident rises.
The news comes as a legal battle for compensation by thousands of Morrisons staff whose personal details were posted online reached the Court of Appeal today, in what is arguably the first data leak class action in the UK.
(If Morrisons loses its appeal it would have significant implications for other organisations, who could be found liable to pay compensation for the acts of rogue employees. The case comes after Andrew Skelton, then a senior internal auditor at Morrisons’ Bradford headquarters, in 2014 leaked the payroll data of more than 100,000 employees, including their names and salaries.)
While the largest amount of data has been exposed by social media companies, the healthcare sector is the most regularly breached. Europe saw 36 percent fewer incidents than H1 2017, with the UK Europe’s most breached country.
Breach Level Index: 15b Data Records Now Exposed
Gemalto’s Breach Level Index is a global database that tracks data breaches and measures their severity based on multiple dimensions, including the number of records compromised, the type of data, the source of the breach, how the data was used, and whether or not the data was encrypted.
According to the latest update to the Index, released today, almost 15 billion data records have been exposed since 2013, when the index began benchmarking publicly disclosed data breaches.
See also: Google Restricts Gmail API Access, Kills Google+ After Data Exposed
During the first six months of 2018, the equivalent to 291 records were stolen or exposed every second, including medical, credit card and/or financial data or personally identifiable information.
Just one percent of this was encrypted.
Malicious outsiders caused the largest percentage of data breaches (56 percent), a slight decrease of almost seven percent over the second half of 2017 and accounted for over 80 percent of all stolen, compromised or lost records.
Accidental loss accounted for over 879 million (9 percent) of the records lost this half, the second most popular cause of data breaches representing over one third of incidents. The number of records and incidents involved in malicious insider attacks fell by 50 per cent this half compared to the same time period in 2017.