Gemalto published the Breach Level Index Report. More than 1 billion data records were stolen

Gemalto has issued the 2014 Breach Level Index based on data gathered from publicly-available information about data breaches throughout the world.

A new research published by Gemalto security firms reveals that more than 1 billion data records were stolen in more than 1,500 different data breaches last year.

The company highlighted the significant increase in both corporate breaches and data theft compared to the previous year.

“[Gemalto] releases the latest findings of the Breach Level Index, revealing that more than 1,500 data breaches led to one billion data records compromised worldwide during 2014. These numbers represent a 49% increase in data breaches and a 78% increase in data records that were either stolen or lost compared to 2013. ” states the Breach Level Index report.

The data related to stolen data records is disturbing, loss of data records were up by 78 percent on the year prior, meanwhile data breaches were up by 49 percent.

According to findings of the Breach Level Index, the main motivation for cyber attacks in 2014 was the identity theft that accounted for 54% of the incidents, this motivation for data breach was predominant also respect financial-motivated attacks.

Another worrying aspect revealed by the study is that the identity theft data breaches also accounted for one-third of the most severe incidents. The Breach Level Index proposes a categorization of the data breach based on their impact, so called Catastrophic events are characterized by a BLI score of between 9.0 and 10 meanwhile the incident is classified as Severe with a score ranging from 7.0 to 8.9.

“We’re clearly seeing a shift in the tactics of cybercriminals, with long-term identity theft becoming more of a goal than the immediacy of stealing a credit card number,” declared Tsion Gonen, Vice-President of Strategy for Identity and Data Protection at Gemalto. “Identity theft could lead to the opening of new fraudulent credit accounts, creating false identities for criminal enterprises, or a host of other serious crimes. As data breaches become more personal, we’re starting to see that the universe of risk exposure for the average person is expanding.”

The predominance of Identity theft-motivated attacks highlighted the trend of the cyber crime to achieve long-term persistence on targeted systems to run malicious activities.

“We’re clearly seeing a shift in the tactics of cybercriminals, with long-term identity theft becoming more of a goal than the immediacy of stealing a credit card number,” added Gonen.”As data breaches become more personal, we’re starting to see that the universe of risk exposure for the average person is expanding.”

The industries that suffered the major losses were retail and financial, retail experienced an increase in data breaches for 11% compared to last year. In terms of data records compromised, the retail industry accounted for 55% compared to 29% last year due to the increased number of attacks against point-of-sale systems.

“”Not only are data breach numbers rising, but the breaches are becoming more severe,” added Gonen. “Being breached is not a question of ‘if’ but ‘when.’ “

For more data I suggest you to download the 2014 Breach Level Index Report. 

Pierluigi Paganini

(Security Affairs –  2014 Breach Level Index Report, Data Breach)