While the number of breaches in 2019 increased, the number of sensitive records exposed decreased
SAN DIEGO, January 28, 2020 – Today, the Identity Theft Resource Center®, a nationally recognized non-profit organization established to support victims of identity crime, released its annual End-of-Year Data Breach Report for 2019 with the support of the report’s long-time sponsor CyberScout®, a global leader in identity theft resolution, data defense and employee benefits services.
“The increase in the number of data breaches during 2019, while not surprising, is a serious issue,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center. “It would appear that 2018 was an anomaly in how many data breaches were reported and the number of records exposed. The 2019 reporting year sees a return to the pattern of the ever-increasing number of breaches and volume of records exposed. Because that means more consumers are becoming victims, the ITRC will continue to help them by providing guidance on the best ways to navigate the dangers of exposed personally identifiable information (PII) from a data breach and the risks of identity crime as a result.”
“This year’s report paints a mixed view of the landscape as we continue to work with businesses and consumers alike to thwart cyber criminals and contain their damage,” said Matt Cullina, CyberScout’s EVP of Strategic Partnerships and Managing Director of Global Markets; and Board Chair of the Identity Theft Resource Center. “The overall increase in breaches is certainly concerning. However, the extraordinary drop in the number of records exposed and the incredible feat of cutting the sensitive PII exposed by two thirds, indicates that we may be moving in a good direction with regards to the extent of the damage associated with breaches. Businesses and consumers need to continue to be vigilant in protecting data and systems, ensuring they have current protections in place, because even non-sensitive data exposure can lead to more serious issues."
Another critical finding was that “hacking” was responsible for the highest percentage of data breaches (39 percent) and the highest number of non-sensitive records exposed (81 percent). “Unauthorized access” was the second most common breach method identified with nearly the same percentage as hacking at 36.5 percent. Unauthorized access continued to be a catch-all category with little transparency on the actual method of intrusion throughout 2019.
For the second straight year, the business sector had the most data breaches (644), while the medical/healthcare sector had the second most (525). The government/military sector had the fewest amount of breaches in 2019 at 83.
The ITRC has also now tracked over 10,000 publicly-notified data breaches since 2005, hitting that milestone in the spring of 2019. Download the 2019 End-of-Year Data Breach Report.
For anyone that has been a victim of a data breach, the ITRC recommends downloading its free app to manage the various aspects of an individual’s data breach case.
Consumers and victims can receive free support and guidance from a knowledgeable live-advisor by calling 888.400.5530 or visiting www.idtheftcenter.org to live-chat.