IBM Security: Data Leaks Grew By 566 Percent in 2016

The number of compromised records increased by a massive 566 percent in 2016, rising from 600 million to more than four billion over the 12 months.

The leaked data includes traditional hacking targets like credit cards, passwords and health information, as well as a significant amount related to unstructured data such as email archives, intellectual property and source code.

The findings come from IBM Security’s 2017 X-Force Threat Intelligence Index, which collects data from more than 8,000 security clients in 100 countries. IBM X-Force also monitors more than eight million spam and phishing attacks daily and analyses more than 37 billion web pages and images.

Security concerns

A separate IBM study from December found that 70 percent of businesses infected with ransomware paid the ransom to regain access to data and systems last year, which encouraged cyber criminals to double down on ransomware in 2016.

The prevalence of spam emails showed a 400 percent year-on-year increase, with roughly 44 percent of these emails containing malicious attachments. in 2016, ransomware made up 85 percent of those attachments.

IBM also saw a shift from healthcare – which was the most attacked industry in 2015 – to financial services, which was the most attacked industry in 2016.

The number of compromised records in the healthcare industry dropped by 88 percent, from nearly 100 million in 2015 to just 12 million last year as attackers focused on smaller targets.

The unwelcome honour of the industry with the highest number of incidents and breached records goes to the information & communications sector, which experienced 85 incidents with 3.4 billion records leaked.

Government took second place with 39 incidents and 398 million records leaked.

“Cybercriminals continued to innovate in 2016 as we saw techniques like ransomware move from a nuisance to an epidemic,” said Caleb Barlow, vice president of threat intelligence at IBM Security.

“While the volume of records compromised last year reached historic highs, we see this shift to unstructured data as a seminal moment. The value of structured data to cybercriminals is beginning to wane as the supply outstrips the demand. Unstructured data is big-game hunting for hackers and we expect to see them monetise it this year in new ways.”

Quiz: What do you know about Internet security?