But Unreported Counts Create Uncertainty
By Roy Urrico
The good news over the first half of this year is the number of reported data compromises and victims dropped from the same period in 2021. The bad news, according the Identity Theft Resource Center (ITRC), is that a considerable number of incidents did not include a casualty count, so the actual number of cybercrime victims is not known.
The El Cajon, Calif.-based ITRC, a national nonprofit organization, established to support victims of identity crime, released its U.S. data breach findings for the first half (H1) of 2022. According to the H1 2022 Data Breach Analysis, there were 817 publicly-reported data compromises in the U.S. in H1 of 2022, a 4% decrease compared to the same period in 2021.
The number of reported victims (53,350,425) impacted by data compromises continued to drop in H1 of 2022 (down 45% percent from the first half of 2021) as the nature of data compromises shifted to attacks targeting businesses, government agencies and institutions. However, an average of 39% percent of all data breach notices issued during the first six months this year did not list a victim count.
“We see the criminals continuing to shift their tactics, resulting in the significant drop in the number of victims impacted,” said Eva Velasquez, president and CEO of ITRC. “We also see a decrease in the number of publicly reported data breaches and the number of data breaches linked to ransomware attacks. However, the declines could be misleading since 40% of the data breach notices issued in the first half of the year did not include basic information like attack vector or victim count.” Velasquez noted a few large breaches or a handful of smaller compromises could quickly reverse these trends.
Compromising Causes
Approximately 87% of 2022’s H1 data compromises were due to some type of a cyberattack, according to the ITRC Report.
Leading the list of reported cyberattack vectors that resulted in 734 breaches and 35,891,170 victims:
· Phishing/smishing/business email compromise (BEC), 219
· Ransomware, 124
· Malware, 46.
Ransomware attacks declined quarter-over-quarter in 2022 for the first time since ransomware surpassed malware as the number two primary cause of data breaches in 2019. ITRC Security researchers believe that the decline in ransomware attacks is due to a combination of factors, including the ongoing conflict in Ukraine and the collapse of cryptocurrencies favored by cybercriminals.
Among industry sectors, financial services ranked second with 127 compromises; and first with 22,309,482 in the number of reported compromised victims. Healthcare led with 161 reported compromises and the technology sector had the second most reported victims, 12,394,573, for H1 of 2022.
Because so many breach reports did not include the root cause of the compromise, ITRC could not ascertain the precise cause of the compromise, which is the first time this occurred since the ITRC began tracking the cause of data compromises. Supply chain attacks, a subset of cyberattacks, continue to be a favored attack route for cyberattackers.
Key Takeaways:
· Data compromises are up slightly – 2% percent in the second quarter (Q2) of 2022 compared to the first quarter (Q1) of 2022. However, the overall pace of data compromises for the H1 of 2022 is down 4% percent compared to the same period in 2021. The total number of data compromises reported in 2021 — 1,862 — was a record high.
· The number of people reportedly impacted by data compromises continued to drop in the first half 2022 as the nature of data compromises shifted to attacks targeting businesses, government agencies, and institutions.
· Cyberattacks continued to be the primary attack vector leading to a data compromise so far this year. Ransomware attacks linked to breaches dropped 20% in the second quarter of this year from the previous quarter – the first quarter-over-quarter drop since the ITRC began tracking ransomware in 2018.
ITRC as an Advocate
The ITRC recently launched a free alert service for consumers where individuals can create a list of companies with which they do business. A subscriber then receives an email alert if one of their listed organizations becomes added to the notified data compromise database.
The ITRC advocates for the victims of identity fraud by raising awareness among lawmakers, decision makers and policy makers. “I have not seen a time when these folks are more engaged and more willing to listen and devote resources to this particular victim population,” Velasquez told Finopotamus earlier this year.