Data Breach Security Confidential Cybercrime Concept.
Image: Adobe Stock

A successful data breach can impact an organization not just by compromising sensitive information but by serving as a prelude to ransomware and more devastating cyberattacks. In a new report entitled State of Data Breach Intelligence: 2022 Midyear Edition, security firm Flashpoint looks at the number and types of data breaches reported for the first half of 2022.

Data breaches are down 15% year over year

So far, 1,980 breaches have been reported by organizations for the first half of this year. That’s around 15% below the first-half volume for 2021, which seems like a positive trend. But, numbers can be deceiving, especially since organizations don’t necessarily report breaches in a timely manner.

“There are multiple reasons for the drop of data breaches, but the main contributor is the continued slowness of breach disclosures,” said Inga Goddijn, VP of structured intelligence at Flashpoint. “The good news is that reporting cadences are beginning to return to normal. As reporting catches up, we anticipate the number of breaches will actually match or exceed 2021.”

Over the same period, the number of records exposed in breaches fell dramatically to 1.4 billion this year from 27.3 billion last year, the lowest volume since 2015. This decline is the result of fewer open misconfigured service and database breaches being reported, in which one event can account for billions of records being lost, Goddijn added.

Last year saw 13 breaches that affected 100 million or more records. This year has witnessed only three such incidents. One example from last year is the FBS Markets breach reported in March 2021, which led to the leak of around 16 billion records.

Looking at annual totals, the number of breaches kept going up for several years before falling in 2020. The number rose from 6,807 in 2017 to 7,154 in 2018 and then to 7,632 in 2019. From there, the number dropped dramatically to 4,472 in 2020 and then inched up to 4,630 in 2021. The total numbers for 2022 are difficult to forecast at this point but could be on par with or higher than the total for 2021.

SEE: Mobile device security policy (TechRepublic Premium)

Causes for data breaches

Most (60%) of the breaches reported during the first half of 2022 were caused by hacks, which has been the top type of breach for the past several years. The cause was unclear in some 11% of the breaches, while others were triggered by viruses or fraud.

Among the breaches with a definite cause, around a quarter occurred within the affected organization, pointing to some type of insider threat. Out of these, most (61%) were attributed to mistakes in handling data rather than to intentional malice. The rest, however, were caused by actions ranging from the small-scale theft of credit card data from customers to the theft of technological innovations and proprietary source code.

Looking at the types of data stolen in breaches during the first half of the year, Flashpoint found that names were the most compromised item, followed by social security numbers. Other types of data caught in breaches included addresses, financial information, dates of birth, account information, medical information, email addresses, credit card numbers and passwords.

SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)

Avoiding a data breach

How can organizations better protect themselves from data breaches? Flashpoint offers a couple of tips.

First, you need to make sure that the databases you deploy are secure and resistant to hacks and compromise. Second, you need to have strong vulnerability and patch management programs, especially if you depend on any type of public data, such as NIST’s National Vulnerability Database or CISA’s Known Exploited Vulnerabilities Catalog. Since more than 60% of the reported breaches were caused by hacking, organizations must be able to fix security vulnerabilities that affect their assets.

Subscribe to the Cybersecurity Insider Newsletter

Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays

Subscribe to the Cybersecurity Insider Newsletter

Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays