According to foreign media reports, the number of publicly reported data breaches in the third quarter of 2020 fell, according to Risk Based Security, but billions more records were exposed around the world, making this year’s The total amounted to 36 billion.
The security vendor’s Q3 2020 data breach QuickView report was compiled from manual and automated analysis of public reports, disclosure requests, and news stories.
It claims that 2020 was already the worst year on record before the 8.3 billion recorded in the third quarter, however, the figures include not only stolen data but also cloud-based misconfigurations that Possibly compromises information, but does not lead to malicious actors obtaining it.
In the first three quarters of this year, the number of data breach reports fell 51% year over year.
The vendor’s executive vice president, Inga Goddijn, believes this can be explained by an increase in ransomware attacks. Although these accounted for 21% of reported breaches in the first three quarters, there may be many more breaches that were not recorded.
While many of these attacks are now clearly intrusive incidents, the nature of the data leaked could allow some victim organizations to hold off on reporting the incident to regulators and the public. After all, the leaked data may be sensitive to the target organization, but unless it contains a sufficient amount of personal data to trigger a notification obligation, the incident may not be reported.
Healthcare was the industry most affected by intrusion incidents in the report, accounting for 11.5% of the total incidents.
Interestingly, two breaches each exposed over 1 billion records in Q3, and four breaches exposed over 100 million records. Thus, cumulatively, these six breaches constitute approximately 8 billion exposed records, or more than 22 percent of the total.