183 Million Accounts Compromised In Q3 2014

Consumers experienced a wide range of data privacy and security threats in the third quarter of 2014 as hackers successfully conducted large-scale attacks against financial services and retail companies as well as consumers’ personal online accounts and identities.

These were just some of the findings from the third quarter 2014 Breach Level Index (BLI) released today by SafeNet, a data protection solutions firm.

Personal and financial information

Between July and September of this year, there were 320 breaches reported worldwide, an increase of nearly 25 percent compared to the same period last year, and more than 183 million customer accounts and data records containing personal or financial information were either stolen or lost.

Individuals also felt the data privacy pinch with breaches occurring across three major consumer activities: their banking, shopping, and online identities. Financial Services (42%) and Retail (31%) took the top spots among all industries in terms of the number of compromised customer accounts and data records. These were followed by breaches involving Technology and Personal Online Accounts (20%) such as email, gaming and other cloud-based services. In addition, Identity Theft also took the top spot among the types of data breaches, accounting for 46% of the total.

“Consumers’ heads must be spinning as criminals are easily getting access to their credit card, banking and personal information at every turn,” said Tsion Gonen, chief strategy officer at SafeNet.

“Companies should assume a breach and plan accordingly. They need to implement technologies and programmes that minimise the impact of a breach on top of the traditional prevention. As it is, these technologies are just not being used by to the fullest extent by either consumers or companies.

Gonen added: “The retail industry has been consistently hit hard with breaches. Criminals want to have access to credit card and banking information for financial gain or to obtain personal information to use for identity theft. Customers have been very tolerant of these breaches, because they feel that this access can be corrected by someone else, like a bank replacing a stolen credit card.

“However, this new surge of online identity breaches is much more serious for individuals. Once your personal photos or private messages have been accessed and leaked online, there’s no fixing that. Those items will be forever in cyberspace for your future employers, friends and family to access. While it’s not surprising that sophisticated cybercriminals are continuing to attempt these breaches, what is surprising is that again only 1% of breached records had been encrypted. Now is the time for customers to demand that their personal information be encrypted by companies.”

Q3 highlights by top three industries impacted:

Financial Services Industry

77,605,972 data records stolen or 42% of all data records stolen

33 data breach incidents or 11% of all data breach incidents

Retail Industry

57,216,390 data records stolen or 31% of all data records stolen

47 data breach incidents or 15% of all data breach incidents

Technology/Social Media/Other Online Services

36,415,080 data records stolen or 20% of all data records stolen

38 data breach incidents or 11% of all data breach incidents