The Identity Theft Resource Center released its annual Data Breach Report which includes statistics about cyberattacks and data compromises in 2022.
Below are key findings to keep in mind.
While 2021 represented an all-time high for data compromises reported in the U.S., 2022 represents a rare plateau for data events after years of steady increases in the number of reported compromises. However, there were still 1,802 compromises representing 422,143,312 victims. The top 10 compromises of the year included:
- Twitter: 221,524,284 Victims
- Neopets: 69,000,000 Victims
- AT&T Data: 22,786,997 Victims
- Cash App Investing, LLC: 8,200,000 Victims
- Beetle Eye: 7,000,000 Victims
- Twitter: 5,485,636 Victims
- Receiveables Performance Management, LLC: 3,766,573 Victims
- Flexbooker: 3,756,794 Victims
- Eye Care Leaders: 3,372,880 Victims
- Advocate Aurora Health: 3,000,000 Victims
Meanwhile, the top 10 data breach attributes were:
- Name: 1,560
- Full Social Security Number: 1,143
- Date of Birth: 633
- Current Home Address: 565
- Driver’s License/State ID Number: 499
- Medical History/Condition/Treatment/Diagnosis: 465
- Bank Account Number: 443
- Medical Insurance Account Number: 370
- Undisclosed Records: 226
- Medical Provider Account/Record Number: 196
The first half of 2022 saw fewer data compromises and generally less victims. Cybersecurity experts pointed to Russia-based cybercriminals being distracted by the war in Ukraine for the overall drop in ransomware and cyberattacks during this time. Extreme volatility in the cryptocurrency markets, the currency of choice for cybercriminals, was also believed to have contributed to this shift towards other attack methods such as phishing scams and supply chain attacks.
The number of compromises increased in the second half of the year by 21%. For the 11 of the 12 months of the year, the estimated number of data compromise victims was on a downward trend, but this was reversed with the news that the personal information of 221 million Twitter users were available in illicit identity marketplaces.
Another interesting finding revealed in the report was that data breaches suddenly lacked detail, resulting in increased risk for individuals and businesses. For most of the 20 years since the first data breach notice law was enacted in 2003, most notices generally included information that could help people determine the relative risk of any given breach and the steps to protect against similar attacks. But in the beginning of Q4 2021 throughout the rest of 2022, that trend was reversed with less information being included in required public notices.
In 2022, 747 data compromises were announced in notices that did not specify a root cause of the event. That compares to the 1,595 compromises linked to cyberattacks.
With that said, it is important to know how you can protect yourself and your business against any cyberattacks. For all your cybersecurity needs, call TNTMAX at (201) 891-8686, email us at [email protected], and browse our website for more solutions on how to stay safe online.