"Fewer Fall Victim to Data Breaches as Attackers Switch to Business in 2022"
According to new research condcuted by Identity Theft Resource Center (ITRC), a US-based non-profit that provides identity crime advice, the number of people falling victim to data breaches has fallen back from last year’s record high. They put their findings in a report called H1 2022 Data Breach Analysis. The researchers stated that in 2021 they saw 1862 publicly reported breaches, with 851 in the first half of the year. This year the researchers saw H1 breaches drop back to 817 incidents. More significantly, the researchers noted that the number of victims is down some 45% compared to the first half of 2021. The researchers suggest that this is partially caused by a switch by criminal hackers moving away from targeting individuals. Instead, they are targeting businesses through vectors, including supply chain attacks and business email compromise. According to the researchers, as many as 87% of data compromises so far this year resulted from cyberattacks. Phishing is the leading cause of compromise. In the second quarter of this year, 30 breaches, with just over 10 million victims, were down to system and human errors. The researchers attribute 10 breaches to misconfigured firewalls, nine to “correspondence,” and six to failures to configure cloud security. For the first time since 2018, researchers found a decline in ransomware incidents. The researchers stated that phishing, smishing, and business email compromise (BEC) accounted for 107 breaches, ransomware for 55, and 22 were attributed to malware in the second quarter. In total, these incidents accounted for 17.7 million victims. The ITRC cautions that the raw data might not give a complete picture of the number of people affected by cyberattacks. As many as 40% of data breach notices did not state information such as the attack vector or a victim count. The researchers noted that the total number of victims might be higher.
Infosecurity reports: "Fewer Fall Victim to Data Breaches as Attackers Switch to Business in 2022"