The number of compromised data records worldwide, including social security numbers, bank card details, and other critical information, grew more than four-fold year over year, from 3.1 billion to 13.3 billion, according to InfoWatch’s Analytical Centre Global Data Leakage Report 2017.
During the period, global mass media and other open sources reported a total of 2,131 data leaks from enterprises, 37% more than in 2016.
In addition, 39 mega leaks (at least 10 million records each) accounted for some 13 billion records or almost 99% of all data stolen worldwide.
Compared to 2016, the number of global mega leaks dropped by 12%, while the number of compromised records per mega leak increased almost five-fold to reach 336 million.
“Once again, the global leak picture changed a lot, mainly due to the digitalisation of economic, political, social, and other sectors of life,” said Sergey Khayruk, an analyst at InfoWatch Group. “The volume of compromised data records and leak intensity surpassed all expectations, mostly due to new data storage and processing approaches. Instead of keeping and handling customer, employee, and citizen details in different offices and branches like they did before, governments and enterprises now leverage emerging technology to centrally collect information and thus maximise Big Data benefits.”
The share of insider-driven mega leaks grew from last year’s 13% to 54% in 2017, with internal offenders being responsible for some 60% of all leak incidents. The majority (53%) of cases were caused by rank-and-file employees, which is 10 percentage points higher than in 2016, while some 3% were triggered by privileged users, such as top managers, heads of business units, and system administrators.
In terms of incident patterns, unskilled leaks unrelated to access abuse or data fraud shaped 83% of cases.
“Increasingly aggregated and centralised data storages once again bring up the issue of an insider whose errors and other actions may cause more and more grave consequences, leading to leaks,” the report notes.
Despite a 7% drop year-on-year, user data still takes the largest share in the global structure of compromised information, with 86% of leaks involving personal and financial data, with the share of payment data leaks growing by 13.8% to exceed 20% of the total volume.
“When it comes to leaks, one of the main concerns has always been that nobody could accurately quantify the damage and thus measure the effectiveness of protection tools,” Khayruk said. “Today, we can see many cases when damage is assessed in terms of money, which means that enterprises can evaluate their financial losses caused by data leaks. Therefore, cybersecurity specialists can justify the return on investment in enterprise information security measures.”
Just like in 2016, the majority of 2017 leaks preferred the network channel, while leaks via email grew to 13%. Compared to 2016, there were fewer data leaks via removable media and those involving paper documents and equipment theft/loss.
Data leaks were detected most often in healthcare (17.4%), high-tech (16.7%), and government (16.5%) sectors, while most rarely, in local authorities (5.5%) and manufacturing and transport enterprises (5.3%).
High-tech, retail, and government sectors had the largest volume of data compromised (32%, 27%, and 23%, respectively), with the share of data leaks in the government sector going up four times.