View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 9, 2018updated 14 Jul 2022 4:08am

6 Months, 945 Data Breaches, 4.5 Billion Records

The equivalent to 291 records were stolen or exposed every single second in the first half of 2018, Gemalto's Breach Level Index shows

By CBR Staff Writer

From Adidas (two million records compromised) to Facebook (up to two billion accounts scraped), 2018 has seen more than its fair share of massive global data breaches – with customer data protection vividly in the spotlight since GDPR took effect on May 25 and as a raft of social media breaches focusses attention on compliance.

Now a new report by digital security specialists Gemalto reveals that 945 data breaches led to a staggering 4.5 billion data records being compromised worldwide in the first half of 2018, with the total number of breaches down year-on-year — but the number of records compromised up 133 percent as the severity of incident rises.

The news comes as a legal battle for compensation by thousands of Morrisons staff whose personal details were posted online reached the Court of Appeal today, in what is arguably the first data leak class action in the UK.

(If Morrisons loses its appeal it would have significant implications for other organisations, who could be found liable to pay compensation for the acts of rogue employees. The case comes after Andrew Skelton, then a senior internal auditor at Morrisons’ Bradford headquarters, in 2014 leaked the payroll data of more than 100,000 employees, including their names and salaries.)

While the largest amount of data has been exposed by social media companies, the healthcare sector is the most regularly breached. Europe saw 36 percent fewer incidents than H1 2017, with the UK Europe’s most breached country.

Breach Level Index: 15b Data Records Now Exposed

Gemalto’s Breach Level Index is a global database that tracks data breaches and measures their severity based on multiple dimensions, including the number of records compromised, the type of data, the source of the breach, how the data was used, and whether or not the data was encrypted.

According to the latest update to the Index, released today, almost 15 billion data records have been exposed since 2013, when the index began benchmarking publicly disclosed data breaches.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

See also: Google Restricts Gmail API Access, Kills Google+ After Data Exposed

During the first six months of 2018, the equivalent to 291 records were stolen or exposed every second, including medical, credit card and/or financial data or personally identifiable information.

Just one percent of this was encrypted.

global data breaches 2018

Malicious outsiders caused the largest percentage of data breaches (56 percent), a slight decrease of almost seven percent over the second half of 2017 and accounted for over 80 percent of all stolen, compromised or lost records.

Accidental loss accounted for over 879 million (9 percent) of the records lost this half, the second most popular cause of data breaches representing over one third of incidents. The number of records and incidents involved in malicious insider attacks fell by 50 per cent this half compared to the same time period in 2017.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.