2013 dubbed year of mega data breaches as attacks soar

New study shows a 62 per cent increase in data breaches last year

The study shows that eight out of the top 10 breaches last year led to the loss of over 10 million identities per incident.
The study shows that eight out of the top 10 breaches last year led to the loss of over 10 million identities per incident.

A 62 per cent increase in data breaches last year -- including a rise in major incidents -- resulted in the exposure of more than 552 million personal identities, leading security company Symantec to dub 2013 "the Year of the Mega Data Breach".

In its annual Internet Security Threat Report (ISTR), released this morning, Symantec said that eight out of the top 10 breaches last year led to the loss of over 10 million identities per incident.

According to Paul Wood of Symantec Security Response, who is also executive editor of ISTR, there were 253 breaches in 2013, in which the average number of identities exposed was four times greater than in 2012. A single mega breach might be worth 50 smaller attacks, he said.

Speaking at the launch of the report in Dublin, he said the majority of breaches -- 34 per cent -- were due to hacking, while 29 per cent were accidental, and 27 per cent resulted from the theft or loss of a device.

READ SOME MORE

The number of targeted “spear phishing” attacks rose by 91 per cent in 2013, with individual campaigns lasting three times as long as the average attack in 2012.

Healthcare, education and the public sector accounted for 58 per cent of all attacks, but the retail, computer software and financial sectors accounted for 77 per cent of all the identities exposed last year.

The top three types of data obtained from the largest breaches were names, birth dates and government identification numbers, such as social security numbers in the US.

The largest growth in attacks came against medium-sized companies.

So-called “ransomware” attacks -- in which computers are locked down or have their data encrypted by hackers, who then demand payment to restore access or contents -- rose by 500 per cent.

The full report is available at www.symantec.com/threatreport

Karlin Lillington

Karlin Lillington

Karlin Lillington, a contributor to The Irish Times, writes about technology