And cyber security professionals are expecting more to come
Debt.com strives to provide our users with helpful information while remaining unbiased and truthful. We hold our sponsors and partners to the highest industry standards. Once vetted, those sponsors may compensate us for clicks and transactions that occur from a link within this page.
It seems that all hope is lost when it comes to keeping your information protected. It’s time to focus on how you handle that.
Data breaches across the U.S. happened more than four times a day on average in the first half of 2017. That’s according to a new joint study by the Identity Theft Resource Center and CyberScout, an identity and data defense company.
Their research shows that breaches are up 26 percent over last year for the first half of the year. Most of the attacks have been caused by hacking — which includes phishing, ransomware, malware, and skimming — and the biggest target has been the business sector.
“Cyber attacks that target businesses are continuing to rise, as hackers aim to steal the most sensitive personal data and demand payoffs in crippling ransomware attacks,” says Matt Cullina, CEO of CyberScout. “All these trends point to the need for businesses to take steps to manage their risk, prepare for common data breach scenarios, and get cyber insurance protection.”
Despite Cullina’s warning, few companies have ramped up their protection — even when they knew these attacks were coming.
A study done by technology association ISACA says that 4-in-5 people surveyed expect a cyber attack on their employer this year, but only 31 percent of companies routinely check security.
On top of that, three-quarters of security professionals don’t believe that buying all the cybersecurity tools in the world wouldn’t fully protect your organization, according to a survey from Tripwire, a security software company.
The bad news for consumers
Hackers are determined to get your Social Security number, and the easiest way to get it is through your employer, the study found. Most of these attacks come in the form of phishing, or an attack that’s hard to distinguish because it appears to be a trustworthy site or source.
In the first half of 2017, 60 percent of the breaches involved the exposure of Social Security numbers, down only one percent from the first half of 2016.
Unlike Social Security numbers, the collection of credit and debit card numbers collect has risen three percent over last year to 12 percent. The study says that several high profile data breaches in the hospitality and fast food sectors have contributed to that increase.
The Identity Theft Resource Center only expects the number of attacks to go up. They say that the number of attacks this year could hit 1,500, which would be up from the previous all-time high of 1,093 in 2016.
Breaches are hard to track
Right now, only hospitals and medical centers are required by law to release details of data breaches when they involve 500 or more people. No other industry has the same regulations around them forcing the release of breach details.
In the first half of 2017, 67 percent of data breach notices did not report on the number of records impacted.
“We have made progress in transparency regarding data breach notifications but this only goes so far when we do not have complete information,” says Eva Velasquez, ITRC president and CEO. “The number of records breached in a specific incident allows us to provide more insight into the scope of this problem, and is a necessary next step in our advocacy efforts.”
And according to Adam Levin, chairman of CyberScout, withholding information only makes it more difficult for consumers and in extreme cases, could lead to legal repercussions.
“Because breaches have become ubiquitous, it is incumbent upon organizations that suffer a compromise to be candid and provide as much information as possible, so that consumers will have the best opportunity to mitigate their personal consequences,” Levin says. “While many businesses don’t necessarily have a handle on the depth and breadth of a breach, they could well be judged by customers, employees, regulators and the courts on how well they protected the information they stored as well as the urgency, transparency, and empathy with which they responded once they were aware they had been hacked.”
Meet the Author
Article last modified on October 19, 2017. Published by Debt.com, LLC . Mobile users may also access the AMP Version: Data Breaches in the U.S. Happen Four Times a Day - AMP.