The first half of 2021 has demonstrated an overall decline in the number of breaches. However, “breach severity” and the number of breaches which disclose a substantial amount of data continues to be a “troublesome trend”.
According to RiskBased Security’s 2021 Data Breach QuickView/ Mid Year Report, 353 “reported data compromised events” took place with ransomware as a key element used for the attack.
It was observed that the year 2020 witnessed a sharp drop in the amount of “publicly disclosed breaches.” Now there seems to be a return to more “traditional” breach patterns.
An example of this took place in early Spring of 2021, when unemployment benefits were released in the US around late winter. Fraudsters worked endlessly to take advantage of the new “round of funding.” They specifically targeted a key piece of information used to apply for unemployment…the driver’s license number.
With the use of stolen information from other sources, fraudsters were able to steal driver’s license information within quotation platforms from insurance key players like Liberty Mutual, Geico, American Family, Farmers Insurance, and USAA.
Fraudsters’ modus operandi is to take advantage of timing and the available opportunity to carry out their fraudulent operations.
While attacks continue to follow certain patterns, how attackers are monetizing their activities are increasingly varied.
On “the bright side”, the number of breaches that have exposed email addresses along with passwords has decreased to its lowest level in three years. They made up a little over 17% of the type of data that was stolen in the first half of 2021. That may sound like good news, however, the number of emails and passwords exposed remain startlingly high. The first half of 2016 witnessed more than 16 billion email addresses and passwords compromised.
The report notes:
“The randomness of data pilfered during ransomware attacks and the hodgepodge of information that resides in email accounts, coupled with fewer-than-expected data leaks containing access credentials, is having an impact on the types of data exposed”.
The Most Targeted
Healthcare providers reported 238 breaches in the first 6 months of 2021. Since 2017, they have been a primary target for hackers. The second most targeted sectors were finance and insurance companies at 194 breaches. Communications came in third at 180 breaches reported.
The most targeted piece of information were names. It represented 61% of the type of data lost through breaches in the first half of 2021. This was compared to 45% in the year prior and 28% in the first half of 2019.
The second most stolen piece of data goes to Social Security Numbers. These made up 38% of data lost in breaches, compared to 27% back in 2020, and only 15% in 2019.
Severity Of Violation Is Increasing
The decrease in breaching may be a welcomed sign. However, a troubling trend that has been developing is the rising intensity of every infiltration. During the first quarter of 2021, “the average breach severity score” was 5.6, as opposed to 4.8 during the same time frame in 2020.
The report highlights that breach severity scores have been increasing since 2019. This was when the scores were 4.1 and 4.6 for the first and second quarter.
Breach activity in 2021 has been marked with great fluctuation. The severity of breaches are also rising as demonstrated by the average severity score and the sheer number of breaches that have disclosed an immense amount of sensitive data. Only time will tell as to how the rest of the year unfolds.