Welcome to the Identity Theft Resource Center’s Weekly Breach Breakdown for July 15th, 2022. I’m James Lee.

Each week we take a look at the most recent events and trends related to data security and privacy. This week we’re looking to Bon Jovi for inspiration as we discuss the data compromise trends for the first six months of 2022. Like Tommy & Gina in Livin’ on a Prayer...we’re halfway there.

Show Notes

Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/
Follow on Twitter: twitter.com/IDTheftCenter

Show Transcript

We’re Halfway There

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for July 15, 2022.  Each week, we look at the most recent events and trends related to data security and privacy. This week, we look to Bon Jovi for inspiration as we discuss the data compromise trends for the first six months (H1), as well as look at some of the data breaches in 2022. Like Tommy & Gina in Livin’ on a Prayer...we’re halfway there. Let’s start with the highlights from the report.

Highlights from the ITRC H1 2022 Data Breach Analysis

  1. First, some good news: After a record-high number of publicly-reported data breaches in 2021 – 1,862 to be exact – there have been fewer data breaches in 2022 than at the same point in 2021: 817 this year vs. 851 by the end of June in 2021.
  2. The number of victims in H1 was also down ~45 percent from H1 2021. A little more than 53 million people were reported as being impacted by a data compromise through June, compared to 96 million for the same period last year.
  3. Also, ransomware attacks declined Quarter-over-Quarter (QoQ) for the first time since ransomware surpassed malware as the number two primary cause of data breaches in 2019. Phishing remained the number one root cause of data compromises in H1 2022.

Why it Happened

There is no silver bullet, and there is never any single reason why data compromises go up or down. For example, the number of victims and data breaches in 2022 is down for various reasons.

Security researchers speculate that the sudden decline in ransomware attacks is due to a combination of factors, including the ongoing conflict in Ukraine and the collapse of cryptocurrencies. Cybercriminals rely on cryptocurrencies to help them avoid being found, and for the stock market-like growth of crypto to multiply their ill-gotten gains. Some ransomware operators are moving on to other types of cyberattacks now that digital currencies do not offer the safe haven or exponential growth they once did.

It’s also important to remember that all of these trends – fewer compromises, victims and attacks – can be reversed in a heartbeat with just a handful of large breaches or a series of smaller ones.

There is also the possibility that the declines we’ve seen are an illusion, masked by the 40 percent of data breach notices that do not include basic information, such as attack vector or a victim count. We talked about this before. The trend away from transparency appears to be accelerating. At the current rate, “unknown” may be the number one cause of a data compromise for all of 2022. If that happens, it will be for the first time, and a very troubling outcome.

You can download our full H1 2022 Data Breach Analysis from our website at www.idtheftcenter.org/publications

Contact the ITRC

If you want to learn more about protecting yourself or your business from identity crimes, data breaches in 2022, or if you think you have been the victim of an identity crime or compromise, visit our website at www.idtheftcenter.org. You can speak with an expert advisor on the phone (888.400.5530), chat live on the web, or exchange emails during our normal business hours (Monday-Friday, 6 a.m.-5 p.m. PST). 

Listen to our sister podcast, The Fraudian Slip, where last month we discussed state privacy laws and a possible national privacy law. We will return next week with another episode of the Weekly Breach Breakdown.