Organisations lost over 2.5 billion data records worldwide in 2017

Organisations lost over 2.5 billion data records worldwide in 2017

Organisations lost over 2.5 billion data records worldwide in 2017

Organisations across the globe suffered as many as 1,765 "reported" data breaches that resulted in the loss or theft of 2.5 billion data records in 2017, 1.9 billion of which were lost or stolen due to human error or employee carelessness, security firm Gemalto's latest Breach Level Index report has revealed.

10 bn data records lost in 5 years

The index highlighted the alarming rate at which organisations across the world are suffering loss or theft of data records- be it enterprise or customer data, and that the rate of loss is increasing every year. Including the 2.5 billion data records lost in 2017 alone, the total number of data records lost since 2013 has exceeded 10 billion. In fact, the number of records stolen or lost in 2017 nearly doubled (88%) since 2016.

In the last five years, on an average, organisations have suffered loss or theft of 5,053,490 records every day, 210,562 records every hour, 3,509 records every minute, or 58 records every second.

Common human errors or examples of employee carelessness such as improper disposal of records, misconfigured databases and other unintended security issues resulted in the loss of 1.9 billion data records globally in 2017, a rise of 580% in the number of compromised records compared to the previous year.

At the same time, over 600 million data records were lost to identity theft which formed 69 percent of all data security incidents, and incidents that involved the loss of basic information such as name, address and/or phone number increased by 560% from 2016.

While 72 percent of all reported data breaches were orchestrated by malicious outsiders, such breaches resulted in the loss of only 23 percent of data. On the other hand, accidental loss was the cause of 18% of data breaches but still accounted for 76% of all compromised records.

33 mn data records compromised in the UK

In 2017, organisations based in UK suffered the second highest number of data security incidents in the world (80) after the United States, and suffered loss or theft of over 33 million data records in the entire year. Out of the 33 million, around 26 million data records were lost by the NHS alone thanks to the WannaCry ransomware attack which took place in May last year.

Even though malicious outsiders were behind 48 percent of data security incidents in the UK, the data loss owing to such attacks was minimal. On the other hand, 88% of all compromised records were accounted for by incidents of accidental loss that included improper disposal of records, misconfigured databases, and other unintended security issues.

"On the face of it, UK organisations’ security and data protection seem to be improving. However, with GDPR on the horizon it’s likely that the total amount of lost data will rise nearer in line with the US, who have had to publicly reveal breaches for a number of years," said Joe Pindar, Director of Product Strategy at Gemalto.

"Worryingly, for UK organisations, is the number of records being compromised due to accidental loss. Companies are clearly not controlling or even knowing where their sensitive customer data is, so when it comes to complying with key aspects of GDPR like the ‘Right to be Forgotten’, what hope is there that they will be able to remove customer data from all of their systems?

"Whilst human error is something that all organisations have to deal with, if it’s not correctly encrypted, data can easily be compromised if it got into the wrong hands. With just over a month to go, UK businesses don’t have a lot of time to get important points like this right," he added.


UK health sector accounted for 43 percent of all security incidents since 2014

Data breaches cost the UK 28 million data records in the first half of 2017

UK firms perform better than European ones in dealing with security incidents: IDC

Copyright Lyonsdown Limited 2021

Top Articles

teissTalk: Cyber Policy & Supply Chain Resilience

On 15 April, teissTalk host Geoff White was joined by a panel of four cyber security experts to discuss keeping supply chains cyber secure and resilient.

teissTalk: Malicious or Non-Malicious? Tackling the Remote Insider Threat

On 13 April, teissTalk host Jenny Radcliffe was joined by a panel of four cybersecurity professionals to discuss insider threats, especially the threat posed by remote workers.

Meet the teissTalk Hosts - The state of cyber crime in 2021

Social engineer Jenny Radcliffe and investigative journalist Geoff White, the joint hosts of teissTalk, introduce themselves

Related Articles