Data Breaches With Unreported Root Causes Continued Upward Climb in Q1

While 2023 started with fewer publicly reported data breaches, an increasing number of breached organizations failed to share detailed information about their root causes of events, according to the Identity Theft Resource Center’s (ITRC) latest data breach analysis.

The first quarter saw 445 publicly reported U.S. data compromises, a decrease from the 512 from the fourth quarter last year but up from the 202 reported in the first quarter of 2022. Of those breaches, 187 contained no actionable information about the root cause of the compromise, up from 155 in the first quarter of 2022 and just five in the first three months of 2021.

Six of the top 10 compromises in the first quarter did not include information about the root cause of the event, compared to four of the top 10 in the final three months of 2022.

A total of 378 breaches in the first quarter were attributed to cyberattacks, up from 366 year-over-year. Phishing was the most common attack vector that led to a data breach at 106. Breaches resulting from ransomware fell to 54 from 71 in the first quarter of 2022, and were even down relative to the 62 incidents reported in the first quarter of 2021.

Data compromises impacted more than 89 million people in the first quarter. Most people (84 million) fell victim to compromises in the manufacturing and utilities, technology, health care, and transportation sectors. Eight of the top 10 compromises affected more than 1 million people.

The healthcare industry reported the most data compromises among the top 10 for the third consecutive quarter. The top compromise in the quarter came from T-Mobile, which affected 37 million people.

Breaches resulting from human error grew year-over-year to 58 from 33. The seven reported breaches due to physical attacks in the first quarter (up from three year-over-year) all resulted from device theft.


© 2023 Zywave, Inc. All rights reserved.

Previous
Previous

Self-care and Mental Health

Next
Next

Safety Focus | April 2023