Rise in successful state-sponsored cyber attacks seen in the first six months of 2015
- Published: Thursday, 10 September 2015 07:38
Gemalto has released the findings of its Breach Level Index for the first six months of 2015, revealing that 888 data breaches occurred, compromising 246 million records worldwide.
Compared to the first half of 2014, data breaches increased by 10 percent while the number of compromised data records declined by 41 percent during the first six months of this year. This decline in compromised records can most likely be attributed to that fact that fewer large scale mega breaches have occurred in the retail industry compared to the same period last year.
Despite the decrease in the number of compromised records, large data breaches continued to expose massive amounts of personal information and identities. The largest breach in the first half of 2015 – which scored a 10 in terms of severity on the Breach Level Index – was an identity theft attack on Anthem Insurance that exposed 78.8 million records, representing almost a third (32 percent) of the total data records stolen in the first six months of 2015. Other notable breaches during this analysis period included a 21-million-record breach at the US Office of Personnel Management (BLI: 9.7); a 50-million-record breach at Turkey’s General Directorate of Population and Citizenship Affairs (BLI: 9.3); and a 20-million-record breach at Russia’s Topface (BLI: 9.2). In fact, the top 10 breaches accounted for 81.4 percent of all compromised records.
Data breaches by source
The number of state-sponsored attacks accounted for just 2 percent of data breach incidents, but the number of records compromised as a result of those attacks totalled 41 percent of all records exposed, due to the breaches at Anthem Insurance and the US Office of Personnel Management. While none of the top 10 breaches from first half of 2014 were caused by state-sponsored attacks, three of the top ten this year were state sponsored—including the top two.
At the same time, malicious outsiders were the leading source of data breaches in the first half of 2015, accounting for 546 or 62 percent of breaches, compared to 465 or 58 percent in the first half of last year. 46 percent or 116 million of the total compromised records were attributable to malicious outsiders, down from 71.8 percent or 298 million in 2014.
Data breaches by type
Identity theft remained the primary type of breach, accounting for 75 percent of all records compromised and slightly more than half (53 percent) of data breaches in the first half of 2015. Five of the top ten breaches, including the top three – which were all classified as Catastrophic on the BLI – were identity theft breaches, down from seven of the top 10 from the same period last year.
Data breaches by industry
Across industries, the government and healthcare sectors accounted for about two-thirds of compromised data records (31 percent and 34 percent respectively), though healthcare only accounted for 21 percent of breaches this year, down from 29 percent compared to the same period last year. The retail sector saw a significant drop in the number of stolen data records, accounting for 4 percent compared to 38 percent for the same period last year. Across regions, the US represented the largest share with three-quarters (76 percent) of data breaches and nearly half of all compromised records (49 percent). Turkey accounted for 26 percent of compromised records, with its massive GDPCA breach in which 50 million records were breached by a malicious outsider.
The level of encryption used to protect exposed data - which can dramatically reduce the impact of data breaches – increased slightly to 4 percent of all breaches compared with 1 percent in H1 2014.
The Breach Level Index provides a centralized, global database of data breaches and calculates their severity based on multiple dimensions, including the type of data and the number of records stolen, the source of the breach, and whether or not the data was encrypted. By assigning a severity score to each breach, the BLI provides a comparative list of breaches, distinguishing nuisances from truly impactful mega breaches. Information populating the BLI database is based on publicly-available breach disclosure information.