In the first six months of 2015, U.S. businesses and organizations have experienced 400 data breaches, affecting over 117 million records, according to the latest report from Identity Theft Resource Center (ITRC).
The medical/healthcare industry had the second-highest number of breaches at 139, but over 85 percent of all records affected nearly 101 million.
The “business” category incurred the highest number of breaches, but only 126,712 records. This category includes the retail sector, insurance firms, Hershey Park (which recently acknowledged that it is investigating a breach), restaurants, and hospitality organizations. This category includes even the office of presidential candidate Jeb Bush, who in an effort to be more “transparent” released a series of personal emails from his time as Florida governor. Unfortunately, those emails contained the Social Security numbers, names, and dates of birth for some 13,000 Florida residents.
While the banking/financial sector experienced only 40 breaches, those events still exposed just over 408,000 records. Government breaches, of which there were 29, exposed over 15 million records, according to ITRC, which amounted to 13.1 percent of all exposed records in the first six months of 2015. ITRC also updated the numbers associated with the data breaches suffered by the Office of Personnel Management, saying that 10 million people had been affected by the second breach. OPM had reported that 4.2 million federal employees were going to be notified as a result of the first breach.
Breaches at educational institutions have included events at Harvard just this past week, and Rutgers and Penn State in recent months for a total of 31 breaches and over 724,000 records.
ITRC reported earlier this year that 2014 posted a record high number of breaches at 783, with 2015 is on pace to beat that record, six months in. Since 2005, there have been just over 5,000 breaches reported, as of Jan. 1, 2015. The first half of the year has added another 400.
Speaking to last year’s results, Adam Levin, founder and chairman of IDT911, which sponsored the 2014 report, said: “It is important to note that the 5,000 breach milestone only encompasses those reported – many breaches fly under the radar each day because there are many institutions that prefer to avoid the financial dislocation, liability and loss of goodwill that comes with disclosure and notification. Additionally, not all businesses are required to report they’ve had a breach for a variety of reasons, which means the number of breaches and records affected is realistically much higher.”
Erin is the managing editor of Advisen’s Front Page News. She has been covering property-casualty insurance since 2000. Previously, Erin served as editor-in-chief of The Standard, New England’s Insurance Weekly. Erin is based in Boston, Mass. Contact Erin at [email protected].
