Reports from cybersecurity companies in 2023 show mixed trends regarding the number of global data breaches, ransomware attacks, records affected and government costs. But one thing is clear: Cyber attack impacts steadily grow.
September 03, 2023
Was that major cyber incident a ransomware attack, a data breach or both? How many records were impacted? Did personally identifiable information (PII) get compromised? How long were they down? Were backups usable? Did the business survive? When was the business able to fully restore their operations? What did the incident cost?
I often get asked these questions (and more), and the answers can take months or years to be released after an event. In some instances, the specific details remain hidden from public view — concealed inside the databases of cyber insurance companies or classified files guarded by three-letter government agencies.
And yet, as the cyber attack headlines just keep pouring in from universities, banks, governments, hospitals, public utilities and more, the impacts to society keep rising — even as many have become almost numb to the overall effect.
DATA AND TRENDS, PLEASE
To which I generally reply, “It depends.” (I know. A good lawyer’s answer.)
Security Week: Cybersecurity Companies Report Surge in Ransomware Attacks
“The 2023 IBM Security Cost of a Data Breach Report shows the average data breach cost has increased to $4.45 million ($165 per record), with data breaches in the United States being the costliest at an average of $9.48 million, up 0.4 percent from last year. Data breaches are the costliest that they have ever been and have increased by 15 percent since 2020. The data for this year’s report was collected by the Ponemon Institute and included breach data from 553 organizations in 16 countries with interviews conducted with thousands of individuals. All data breaches studied for the report occurred between March 2022 and March 2023.”
Security Intelligence: Cost of a data breach 2023: Financial industry impacts
“For the financial industry, however, global statistics don’t tell the whole story. Finance firms lose approximately $5.9 million per data breach, 28 percent higher than the global average. In addition, evolving regulatory concerns play a role in how financial companies respond to cyber attacks and where they’re investing to reduce total risk.
“When it comes to calculating the true cost of a data breach for financial firms, monetary loss is just the beginning.
“The median cost per ransomware more than doubled over the past two years to $26,000, with 95 percent of incidents that experienced a loss costing between $1 and $2.25 million. This rise in cost coincides with a dramatic rise in frequency over the past couple of years when the number of ransomware attacks was greater than the previous five years combined. That prevalence held steady this year: Representing almost a quarter of all breaches (24 percent), ransomware remains one of the top cyber attack methods.
“The number of breached user accounts climbed 156 percent to hit 110.8 million in the second quarter of 2023, with the U.S. and Russia among the top locations where these users reside.”
Infosecurity Magazine: Critical Insight Report: 15% Drop in Breaches, 31% Surge in Victims
“The report notes an overall decrease of 15 percent in total breaches during the first half of 2023 compared to the latter half of 2022 — a positive development given the industry’s previous upward trend in attacks. This suggests a potential downturn in breaches for the entire year, making 2023 the lowest breach count since 2019.
“However, the decline in breaches was counterbalanced by a significant 31 percent increase in the number of individuals affected by data breaches during H1 2023 compared to H2 2022. This surge resulted in 40 million individuals being impacted within six months, equivalent to 74 percent of the total affected in 2022.”
SOME MORE HISTORICAL DATA BREACH CONTEXT
- Yahoo has had the largest data breach so far, with 3 billion data records compromised in 2013.
- First American Financial Corporation had the second-largest breach with 885 million records compromised in 2019, and Facebook holds the third-largest data breach with 540 million records compromised in 2019.
- Yahoo data breaches account for two of the largest known data breaches.
“A new study has revealed that Yahoo’s data breach in 2013 had the greatest number of compromised data records, with three billion records compromised.
1. Yahoo (2013) – 3 billion records
The 2013 attack on Yahoo is the largest known data breach in history, with all three billion Yahoo user accounts at the time being compromised. Originally, it was reported that only one billion user accounts were compromised, but this figure was later revised to three billion. The attack resulted in data such as email addresses, passwords, dates of birth, and telephone numbers being stolen.
2. First American Corporation (2019) – 885 million records
Financial services provider First American Corporation has the second largest known data breach in history, with 885 million records being compromised in 2019. The breach was a result of poor security practices on their servers, with sensitive information being accessible to external users. This information included bank account details, Social Security digits, wire transactions, as well as other mortgage paperwork.
3. Facebook (2019) – 540 million records
The third largest known data breach belongs to social media giant Facebook, with 540 million records compromised in 2019. Third-party app developers posted the records on a public Amazon cloud server with the compromised records including information such as account names, IDs, and information about reactions and comments on posts.
4 (Tie). Marriott International (2018) – 500 million records
Hotel chain Marriott International has the tied fourth largest known data breach, with 500 million records compromised in a 2018 attack. Hackers suspected of working on behalf of the Chinese government were behind the attack on Marriott’s reservation database. The information that was compromised included unencrypted passport numbers and encrypted credit card numbers stored on the same server as their encryption keys.
4 (Tie). Yahoo (2014) – 500 million records
The second time Yahoo has featured on this list, the 2014 attack was the tied fourth largest known data breach, with 500 million records compromised. The attack resulted in information such as names, email addresses, telephone numbers, dates of birth, and answers to security questions being stolen.”
The famous Mark Twain line, “Figures don’t lie, but liars figure,” can certainly apply to these stats.
The data breach numbers and costs keep going up, but one quarter may be less or more than the previous quarter, depending on the sector, and who is included or not included. Also, are you counting the number of incidents, records breached, costs, restoration time, dwell time or some other key metric?
Nevertheless, the reason I wrote this blog post now is not to compare IBM to Verizon data breach reports. Nor is it to analyze which sectors are up and which are down this year or quarter or month or week regarding cyber attacks.
The bottom line is that we continue to see major cyber attacks disrupt the lives of Americans and others around the world on a daily basis in every area of life. Schools and hospitals are not able to operate. Banks lose personal data and governments shut down, leaving emergency services disabled.
The impacts of cyber attacks continue to grow louder, but most people have become so used to the noise that they fail to pay proper attention. This new normal is scary, almost like bodily injury by a thousand cuts that come one a day, rather than one huge Cyber Pearl Harbor incident that shuts down society overall.
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
*** This is a Security Bloggers Network syndicated blog from Lohrmann on Cybersecurity authored by Lohrmann on Cybersecurity. Read the original post at: https://www.govtech.com/blogs/lohrmann-on-cybersecurity/ransomware-and-data-breaches-impacts-continue-to-grow-louder