• by Ray Schultz , October 25, 2017

Data protection systems were a sieve in the first half of this year, according to a study by Gemalto, a digital security firm based in Europe.

Gemalto’s Breach Level Index shows there were 918 data breaches during this period, resulting in 1.9 billion data records being exposed — a “staggering” 164% increase over the last six months of 2016. This presumably included email addresses.

A large portion of these losses resulted from the 22 largest data breaches — each one of those involved more than one million compromised records, Gemalto says.

There is no count of compromised records for more than 500 of the reported breaches, the company adds.

Of all breaches, 74% came from malicious outsiders -- an increase of 23%. However, these accounted for only 13% of all stolen or compromised records.

Malicious insider attacks, while they comprised only 8% of all breaches, led to 20 million records being compromised, compared with 500,000 in the last half of 2016 — a 4,114% increase.

Identity theft was the leading type of breach, accounting for 74% of all data breaches -- an increase of 49%. The number of compromised records in this area increased by 255%.

Nuisance breaches, while they added up to only 1% of the total, led to 81% of all stolen or comprised records.

According to Gemalto, more than ten million records were exposed every day — 122 per second — during the first half of 2017. These included medical, credit card, financial and other personally identifiable information.  

Less than 1% of the stolen data pieces were encrypted, a 4% drop compared to the last half of 2016. 

North America was the hardest-hit area, suffering 86% of the breaches — an increase of 23%. The number of affected records jumped by 201%.

However, Gemalto says this will change when the General Data Protection Regulation takes effect next year.

In contrast, Europe reported 49 breaches — 5% of the total, and a 35% from the prior six months.

Most industries studied saw a 100% increase in the number of exposed records.

The education sector experienced a 103% rise in breaches and a 4,000% increase in records, due to a malicious insider attack at a Chinese company. Gemalto continues. The healthcare, government, financial services and entertainment categories also took big hits.

Other studies have quantified the financial impact.

For example, a report by IT consultant CGI and Oxford Economics, using data from the Breach Level Index, found that “two-thirds of firms breached had their share price negatively impacted,” states Jason Hart, vice president and chief technology officer for data protection at Gemalto.

Hart adds: “Out of the 65 companies evaluated the breach cost shareholders over $52.40 billion. We can expect that number to grow significantly, especially as government regulations in the U.S., Europe and elsewhere enact laws to protect the privacy and data of their constituents by associating a monetary value to improperly securing data.”