Firms were hit by 2,308 data breaches in the first half of this year -- exposing 2.6 billion records, according to Data Breach QuickView Report, a study by Risk Based Security Inc., sponsored by Risk Placement Services Inc.
But this is down from the 2,439 incidents reported in the first half of 2017, in which 6 billion records were leaked.
Email addresses were the top data type exposed, accounting for 45.4% of the total -- up from 32.4% at this point in 2017 and 43% in 2016.
Passwords were next with 41.4%, vs. 27.4% in 2017. Names were third, with 34.5% this year -- down from 40.2% in 2017.
Hacking accounted or 54.6% of the breaches, and fraud accounted for 47.5%. Of the records exposed, business sector fraud accounted for 52%. Phishing was responsible for 102 breaches, affecting 460,078 records.
Five breaches alone compromised 100 million or more records, totaling 2 billion.
The U.S. was the hardest hit, suffering 1,074, with California experiencing the most at 110 and Texas at 66. New York came in third with 64. In contrast, there were 62 breaches in the UK and 48 in Canada.
The finance and insurance sector was the most exposed, accounting for 16.5% of the incursions. Healthcare was next, with 14.7% and public administration was third, enduring 12%.
Meanwhile, the rate of confirmed access to data totaled 68% in the first quarter and 74% in the second quarter, both lower than the 80% observed during the first half of 2017.
The study cautions that the apparent falloff from 2017 may be temporary.
After a surprising drop in the number of reported data breaches in the first quarter, breach activity appears to be returning to a more “normal” pace,” it states.
It adds: “As anticipated, additional activity that occurred during Q1 continued to come to light as the second quarter unfolded, while Q2 saw another 1,168 publicly disclosed breaches added to the Q1 total. At the mid-year point, 2018 closely mirrors 2016’s breach experience but still slightly trails the high water mark set in 2017.