2015 was a bad time for database administrators, says Gemalto, a data security company, after compiling all of last year's data breaches in its bi-annual Breach Level Index report.
During the past twelve months, Gemalto's researchers observed and inventoried 1,673 data breaches that leaked in total over 707 million data records.
The numbers are astounding but are mainly driven by a few series of big-name incidents. Among them are the Anthem Insurance data breach (78.8 million records), the Turkish General Directorate of Population and Citizenship Affairs data breach (50 million records), the Korea Pharmaceutical Information Center data breach (43 million records), the US Office of Personnel Management data breach (22 million), and the Experian data breach (15 million records). While these incidents got all the headlines, they are not entirely representative of the entire spectrum of recorded data breaches.
Gemalto security analysts say that, during 2015, most breaches were perpetrated by malicious outsiders [964 incidents, 58%], were the result of an accident [398 incidents, 24%], or of an insider's actions [238 incidents, 14%]. Hacktivists and state-sponsored groups also played a role, but not as big as you'd think, not even to account for over 4% combined.
Attackers mostly targeted government sites and personal records
Most of the leaked records are from the government sector [307 million records, 43%], followed by healthcare [134 million records, 19%], the technology field [84 million records, 12%], retail [40 million, 6%], and education [19 million, 3%].
As per Gemalto's earlier report from September 2015, the most targeted country remains the US, which saw 1,222 data breaches. The rest of the top 5 is made up by the UK with 154 incidents, Canada with 59 incidents, Australia with 42 incidents, and New Zealand with 22 incidents. In spite of its huge size, China recorded only 8 incidents, just as many as the Netherlands.
In 53% of all incidents, hackers were after identity and personal information, while in 22% of the incidents, the attackers targeted financial data. Other reasons for breaking into databases were to steal account access credentials (11%), existential data (10%), or just as a nuisance (hacktivism) (4%).