2 UAE breaches, 14+ million records compromised, Gemalto Breach Level Index H1

Arun Shankar
October 14, 2018 8:32 pm

Gemalto released the latest findings of the Breach Level Index, a global database of public data breaches, revealing 945 data breaches led to 4.5 billion data records being compromised worldwide in the first half of 2018. Compared to the same period in 2017, the number of lost, stolen or compromised records increased by a staggering 133%, though the total number of breaches slightly decreased over the same period, signaling an increase in the severity of each incident.

In the United Arab Emirates, 2 data breaches were recorded with over 14 million comprised data records. In addition, the Telecommunications Regulations Authority reported that a total of 274 cyber-attacks targeted at government, semi-government and private sector entities in the UAE were recorded in the first seven months of 2018. Despite an overall decline in the number of data breaches, Gemalto’s Breach Level Index data suggests that security incidents are getting faster and larger in scope.

A total of six social media breaches, including the Cambridge Analytica-Facebook incident, accounted for over 56% of total records compromised. Of the 945 data breaches, 189 20% of all breaches had an unknown or unaccounted number of compromised data records.

The Breach Level Index is a global database that tracks data breaches and measures their severity based on multiple dimensions, including the number of records compromised, the type of data, the source of the breach, how the data was used, and whether or not the data was encrypted. By assigning a severity score to each breach, the Breach Level Index provides a comparative list of breaches, distinguishing data breaches that are not serious versus those that are truly impactful.

According to the Breach Level Index, almost 15 billion data records have been exposed since 2013, when the index began benchmarking publicly disclosed data breaches. During the first six months of 2018, more than 25 million records were compromised or exposed every day, or 291 records every second, including medical, credit card and financial data or personally identifiable information. This is particularly concerning, since only one percent of the stolen, lost or compromised data records were protected by encryption to render the information useless, a percent-and-a-half drop compared to the first six months of 2017.

“Globally, social media has been the top industry and threat vector for the compromise of personal data this year, while here in the UAE, the primary source of reported data breaches was through app-based platforms,” said Sébastien Pavie, Regional Director META, Enterprise and Cybersecurity, at Gemalto.

“With the introduction of the Information Assurance Standards in the UAE as well as European regulations such as GDPR, 2018 has been a landmark year for data protection regulations and will most likely increase the number of publicly disclosed breaches. This renewed focus on data compliance is challenging for organisations, however, it is crucial for building a strong foundation to combat cyberattacks. By implementing a proactive data security approach into the IT infrastructure, companies can effectively prepare for a breach, and avoid falling victim to one.”

Primary Sources of Data Breaches

Malicious outsiders caused the largest percentage of data breaches 56%, a slight decrease of almost seven percent over the second half of 2017 and accounted for over 80% of all stolen, compromised or lost records. Accidental loss accounted for over 879 million 9% of the records lost this half, the second most popular cause of data breaches representing over one third of incidents. The number of records and incidents involved in malicious insider attacks fell by 50% this half compared to the same time period in 2017.

Leading Types of Data Breaches

Identity theft continues to be the leading type of data breach, as it has been since Gemalto first started tracking in 2013. While the number of identity theft breaches increased by 13% over the second half of 2017 to just over 64%, the number of records stolen through these incidents increased by 539%, representing over 87% of all records stolen.

Financial access incidents show a disturbing trend in the escalation of severity. Though overall incident numbers are on the decline H1 2017 vs. H1 2018 171 for H1 2017 and 123 for H1 2018, the number of records breached increased H1 2017 vs. H1 2018 2.7 million and 359million respectively.

Industries Most Affected by Data Breaches

Most sectors saw an increase in the number of incidents compared to the previous half – the exceptions were government, professional services, retail and technology, though both government and retail saw an increase in the number of records breached through fewer events. Healthcare continues to lead in number of incidents 27%. The largest such incident, 211 LA County, exposed 3.5 million records through accidental loss. Social media ranks top for number of records breached 56% due to the high-profile customer data compromises at Facebook and Twitter, involving 2.2 billion and 336 million respectively.

Key takeaways

  • In UAE, 2 data breaches were recorded with over 14 million comprised data records.
  • TRA reported that a total of 274 cyber-attacks targeted at government, semi-government and private sector entities in the UAE were recorded in the first seven months of 2018.
  • Government and retail saw an increase in the number of records breached through fewer events.
  • Healthcare continues to lead in number of incidents 27%.
  • Social media ranks top for number of records breached due to compromises at Facebook and Twitter.
  • Six social media breaches accounted for over 56% of total records compromised.
  • Of the 945 data breaches, 20% had an unknown number of compromised data records.

 

Tags: