Health care continues to be a top target for hackers
The United States is on track for a record number of data breaches in 2023, according to a report from the Identity Theft Resource Center. In the second quarter of this year, there were 951 publicly reported incidents, a 114% increase from the first quarter. So far, there have been 1393 data comprises, and at this pace, 2023 could surpass the all-time annual high of 1,862 compromises set in 2021.
While the number of reported breaches increased, the good news is that the toal number of people affected by them dropped from 424 million in 2022 to 156 million this year, according to the report.
Health care continues to be the most targeted sector, but financial services firms reported nearly double the number of compromises compared to the same period in 2022, and every industry sector reported a higher number of breaches. The report states that phishing and ransomware were the primary attack methods, and the number of malware attacks this year is up 89% compared to the same period last year.
The overall incidents break down as follows:
ITRC CEO and president, Eva Velasquez, called the new stats as “historic”, adding, “Since we started tracking data compromises in 2005, only the full years of 2017, 2021 and 2022 have exceeded the number of data events recorded in the first six months of 2023.”
Stephen Gates, principal security SME, Horizon3.ai, said in a statement that hackers are changing their methodology. “Today, ransomware is the name of the game, but attackers have added a twist. In the past run-of-the-mill breaches, attackers were silently stealing personally identifiable information so they could sell it to third parties, who would then use the personally identifiable information as part of their identify theft and fraud campaigns. Now, it appears the initial attackers want a bigger piece of the pie.”
Gates said that while attackers are still gaining remote access like they always have, they are nowharvesting vast amounts of data and threatening organizations with data disclosure if they don’t pay the ransom. He says this proves attackers have, and are maintaining, remote access while staying under the radar of common detection approaches.
“If organizations refuse to pay to stop the data disclosure, attackers then proceed with the traditional ransomware campaign, locking up systems, encrypting data stores, and basically taking the organization offline,” said Gates. “This acts as a double whammy.If organizations pay the first ransom to stop the data disclosure, will that stop the second threat of a full-scale ransomware takedown? I don’t think anyone knows the answer to that question.”