Navigant recently published the latest update of its comprehensive Information Security and Data Breach Report, which adds yet another analytic view of the data breach picture. And the view is not a pretty one. You can get a copy of the report here.
Some of the “highlights”:
- Healthcare entities again accounted for the largest percentage of the data reaches identified in either quarter (Q3: 39% vs. Q4: 40%), but it is unclear if that spike is a result of enhanced reporting or whether this is an indicator of more actual breaches.
- There was an 88.5% increase in the number of records breached from quarter to quarter (Q3: 1.02 million records vs. Q4: 1.93 million records)
- Healthcare entities showed the largest increase in the number of days between discovery and disclosure of a data breach, from 51 days to 94 days (and that is in spite of the legal requirement that breaches be disclosed in 60 days) . The report also reveals that the number of physician offices experiencing a breach in Q3 was 4%, while in Q4, that number increased dramatically to 38%.
- 50% of hacking incidents targeted corporate entities in Q3, while 67% targeted corporate entities in Q4.
- The average number of records breached per incident increased 71% from quarter to quarter. InQ3, the average number of records per incident was 18,253, but that number skyrocketed in Q4 to 31,069.