February 27, 2020

February 27, 2020

Subscribe to Latest Legal News and Analysis

February 26, 2020

Subscribe to Latest Legal News and Analysis

February 25, 2020

Subscribe to Latest Legal News and Analysis

Data Breaches on the Rise in 2014

More than 200 million records were lost in digital breaches during the first three months of 2014, according to a new report that parses publicly available information on data breaches.   The records were lost in connection with at least 254 publicized breaches, according to SafeNet, a data security company that published the report.

Those numbers represent a 233% increase from the same time period in 2013.  Still, they provide only a partial look at the extent of the issue, since many breaches are never publicly disclosed.  Even if they are disclosed, 46% of breaches did not report how many records were lost, SafeNet found.

The most likely cause for a breach was a malicious insider, accounting for 52% of all records breached, the survey found.  Coming in second: malicious outsiders, who accounted for 43% of records breached.  All other causes combined accounted for fewer than 5% of records breached, SafeNet said.

The financial industry suffered the worst breaches, accounting for 55% of the records lost worldwide, while the healthcare industry had the highest number of breaches, according to the report. 

Although North America had the highest number of disclosed breaches, representing 74% of reported breaches worldwide (which is unsurprising, given that the U.S. has one of the most advanced systems requiring disclosure of data breaches), it accounted for only a small fraction of the total records lost.  South Korea experienced four of the top five breaches, with a loss of 158 million records that amounted to 86% of all records breached, SafeNet found.  

The vast majority of organizations that suffered breaches did not secure their data using strong encryption, the report found.  Of the 254 breaches, only 1% involved records with strong encryption, key management and/or authentication solutions that rendered the data useless.

© 2020 Covington & Burling LLP


About this Author

Katharine Goodloe, litigation attorney, Covington

Kate Goodloe helps clients navigate a broad range of privacy, cybersecurity, technology and communications issues.

Ms. Goodloe represents clients in privacy-related litigation, enforcement actions, and government investigations, in addition to proactively counseling clients on regulatory and compliance issues. Ms. Goodloe has particular experience advising technology clients on laws regulating the collection, use, and sharing of data, including electronic surveillance laws, and in litigating these issues. Prior to becoming a lawyer, Ms. Goodloe worked as a...