Data Breaches on the rise - 2021 Set to hold most data breaches ever recorded in 1 Year span

A report released this week by the Identity Theft Resource Center (ITRC) suggests that the number of data breaches recorded by the end of 2021 will surpass that of any other previously recorded year. The report shows that the number of data breaches from the start of the year to the end of September is already higher than the total number of data breaches for the entire year of 2020. 

According to data given in the report, the entire year of 2020 had 1,108 reported data compromises, while 2021 has 1,291 already, as of September 30. In comparison, 2017 holds the record for most data breaches with 1,529. 

CEO and President of the ITRC Eva Velasquez prefaced: 

“While the total number of data breaches dropped slightly in Q3, we are only 238 data breaches away from tying the all-time record for data compromises in a single year”. 

Data breaches are seemingly becoming more prevalent, with attackers taking on larger targets. Massive data breaches such as that of Twitch.tv, Fitbit, and T-Mobile all occurred in the past few months alone. 

Q3 Data Breach Report 

The ITRC report focused on data breach occurrences in Q3 of 2021, providing insight into the main causes of the data breaches. The report outlines that cyberattacks were the main cause of data compromises. Ransomware related data breaches have exceeded that of 2020, and the number of phishing related data breaches is on trend to exceed 2020 by the end of the year. 

The increase in data breaches caused by cyberattacks is no surprise, with cyberattacks increasing generally over the COVID lockdown into 2021. Ransomware attacks have been on the rise since 2020, as previously reported in an ActiveIT study. 

The number of data breach victims increased in Q3 2021, with there being more victims in Q3 than in the entire first 6 months of 2021. The ITRC attributes this to insecure cloud databases resulting in 26 attacks with a combined total of around 147 million victims. 

CEO Eva Velasquez added that people should “continue to practice good cyber-hygiene to protect themselves and their loved ones as these crimes continue to increase.” 

Issues With Data Breach Notices 

The report states that there is a trend developing “were organizations and state agencies do not include specifics about data compromises or report them on a timely basis.” 

One state has reportedly not updated their data breach notices since last September. 

The report shows a large number of notices do not go into detail about the source or scope of a data breach. So far in 2021, 359 data breaches due to cyberattacks have not been specified, which is a massive upswing from the 162 unspecified cases in the entire of 2020.  

The lack of transparency from businesses and government bodies may be troubling, as victims of data breaches could go unaccounted for. Not knowing the source of these data breaches also makes it harder for other businesses to shore up their defences.