Data Breach QuickView Report - Risk Based Security

Download PDF
2 downloads 199 Views 4MB Size Report
Comment
2016 Data Breach Trends – Year In Review. Sponsored by: ...... Systems, Inc. .... User Name. NUM. Phone Number. IP. In
Data Breach QuickView Report

2016 Data Breach Trends – Year In Review

Sponsored by: Risk Based Security

Issued in January 2017

2016 Sets new records, once again …

Not Just Security, the Right Security. 1

• There were 4,149 breaches reported during 2016 exposing over 4.2 billion records – approximately 3.2 billion more records than the previous all time high exposed in 2013. • Top 10 breaches (9 Hacks1 and 1 Web) exposed a combined 3 billion records. • Top 10 Severity scores averaged 9.96 out of 10.0. • The Business sector accounted for 51% of reported breaches, followed by Unknown (23.4%), Government (11.7%), Medical (9.2%), and Education (4.7%). • The Business sector accounted for 80.9% of the number of records exposed, followed by Unknown (13.1%), Government (5.6%), Medical (.3%), and Education < .1%. • 53.3% of reported breaches were the result of Hacking, which accounted for 91.9% of the exposed records. • Malware accounted for 4.5% of the reported breaches, but represented just 0.4% of the records compromised. • Breaches involving U.S. entities accounted for 47.5% of the breaches and 68.2% of the exposed records. • 37.2% of the breaches exposed between one and 1000 records, 50.4% of breaches exposed between one and 10,000 records. • 256 breaches involved Third Parties. • Ninety-four (94) breaches in 2016 exposed one million or more records. • Six (6) 2016 breaches have taken their place on the Top 10 List of All Time Largest Breaches. • In December 2016, Yahoo reported the single largest breach ever disclosed, impacting over 1 billion records. • The number of reported breaches tracked by Risk Based Security has exceeded 23,700, exposing over 9.2 billion records.

See page 16 for definitions 1 | Data Breach Intelligence Copyright © 2017 Risk Based Security, Inc. All rights reserved.

Table of Contents 2016 COMPARED TO THE PRIOR FOUR YEARS .................................................................................. 3 2016 BY INDUSTRY BY MONTH ...................................................................................................... 3 2016 ANALYSIS BY BREACH TYPE ................................................................................................... 4 2016 DATA BREACH ANALYSIS BY THREAT VECTOR ........................................................................... 5 2016 EXPOSED RECORDS BY THREAT VECTOR .................................................................................. 5 2016 ANALYSIS BY DATA FAMILY ................................................................................................... 6 2016 PERCENTAGE OF BREACHES EXPOSING DATA TYPES VS. 2015 ..................................................... 6 2016 ANALYSIS OF RECORDS PER BREACH ....................................................................................... 7 2016 - BREACH TYPES/RECORDS EXPOSED – TOP 5 .......................................................................... 8 2016 ANALYSIS BY COUNTRY ......................................................................................................... 8 2016 ANALYSIS BY COUNTRY – TOP 10 ........................................................................................... 9 2016 EXPOSED RECORDS BY COUNTRY – TOP 10 .............................................................................. 9 2016 ANALYSIS OF US STATE RANKINGS ....................................................................................... 10 2016 BREACHES INVOLVING THIRD PARTIES ................................................................................... 11 2016 REPEAT OFFENDERS ........................................................................................................... 12 2016 – BREACH SEVERITY SCORING .............................................................................................. 12 2016 – BREACH SEVERITY SCORES ................................................................................................ 12 2016 – BREACH SEVERITY SCORES – TOP 10 .................................................................................. 13 TOP 20 BREACHES ALL TIME (EXPOSED RECORDS COUNT) ................................................................ 14 METHODOLOGY & TERMS ........................................................................................................... 16



2 | Data Breach Intelligence Copyright © 2017 Risk Based Security, Inc. All rights reserved.

2016 Compared to the Prior Four Years

Number of Incidents by Year 5,000

4,326

4,500 4,000 3,500

4,281

4,149

3,275

3,334

3,000

Number of Records Exposed (in millions) by Year

2,612

2,500 2,000 1,500 1,000

1,106

1,095

2013

2014

822

525

500 2012

2013

2014

2015

2016

2012

2015

2016

2016 by Industry by Month

2016 Distribution of Incidents by Industry, by Month 500 400 300 200 100 0 JAN

FEB

MAR

APR Business

MAY Government

JUN

JUL

Medical

AUG Education

SEP

OCT

NOV

DEC

Unknown

2016 Distribution of Exposed Records by Industry, by Month 100.0% 80.0% 60.0% 40.0% 20.0% 0.0% JAN

FEB

MAR

Business

APR

MAY

Government

JUN Medical

JUL

AUG Education

SEP

OCT

NOV

Unknown

3 | Data Breach Intelligence Copyright © 2017 Risk Based Security, Inc. All rights reserved.

DEC



2016 Analysis by Breach Type 2016 Incidents - Top 10 Breach Types 0

1000

2000

Hacking

3000 2213

Skimming

Hacking continues to dominate as the leading breach type, with SQL injection a predominant method utilized. Stolen laptops, once a leading cause of data compromise, accounted for only 67 (1.6%) of incidents in 2016.

482

Phishing

203

Virus

185

Web

167

Lost, Missing, Stolen Hardware/ Devices

137

FraudSe

133

Lost, Missing, Stolen Documents

128

Unknown

120

eMail

105



2016 Records Exposed by Breach Type 0.0%

20.0%

Hacking

Web

40.0%

60.0%

80.0%

100.0%

92.5%

6.0%

Unknown

1.2%

Virus

0.4%

Misconfigured databases and other inadvertent web based disclosures exposed over 253 million records in 2016.

4 | Data Breach Intelligence Copyright © 2017 Risk Based Security, Inc. All rights reserved.

2016 Data Breach Analysis by Threat Vector 2016 Number of Incidents by Threat Vector 3226

Outside Inside-Accidental

313

Inside-Unknown

242

Inside-Malicious

206

Unknown

162 -

Only 18.3% of incidents were the result of insider activity

500 1,000 1,500 2,000 2,500 3,000 3,500





2016 Exposed Records by Threat Vector Threat Vector Outside Inside-Accidental Inside-Malicious Inside-Unknown Unknown Total

Records Exposed 3,819,637,019 87,888,518 2,295,432 121,425,860 250,548,979 4,281,795,808

56.3% of incidents originating from malicious insiders had no confirmed record count, while 39.3% of incidents originating from insider accidents had no confirmed count



Top 10 Breaches – Data Types and Severity Scores2 Breach Type

Data Type3

Records Exposed

Percentage of Total Exposed

Hack Hack

1,000,000,000 500,000,000

23.35% 11.68%

DOB/EMA/MISC/NAA/NUM/PWD DOB/EMA/MISC/NAA/NUM/PWD

10 10

Hack

412,214,295

9.63%

EMA/IP/MISC/PWD/USR

10

Hack Hack

360,213,024 203,419,083

8.41%

10 10

Hack

154,000,000

4.75% 3.60%

EMA/PWD/USR ADD/DOB/FIN/MISC/NAA/NUM ADD/EMA/MISC/NAA/NUM

10

127,343,437

2.97%

DOB/EMA/NAA/PWD/USR

9.70

Hack Web

98,167,935 93,424,710

2.29% 2.18%

EMA/MISC/PWD/USR ADD/DOB/MISC/NAA

9.59 9.82

Hack

93,338,602

2.18%

EMA/NAA/NUM/PWD

10

Hack

Severity Score

The top 10 breaches exposed 3,042,121,086 records, or 71% of the total records exposed in 2016

2 3

See page 13 for additional detail on these incidents. See page 17 for a description of abbreviations. 5 | Data Breach Intelligence Copyright © 2017 Risk Based Security, Inc. All rights reserved.

2016 Analysis by Data Family

Data Family Electronic Physical Unknown

Percentage of Total Breaches 2015 89.5% 7.1% 3.0%

Percentage of Total Exposed Records 2015 99.6%