Risk Based Security released its Mid-Year 2018 Data Breach QuickView report, showing there have been 2,308 publicly disclosed data compromise events through June 30th. After a surprising drop in the number of reported data breaches in first quarter, breach activity appears to be returning to a more “normal” pace. At the mid-year point, 2018 closely mirrors 2016’s breach experience but still trails the high water mark set in 2017.
Phishing for usernames and passwords then using the stolen credentials to access systems or services stands out as a particularly popular attack method utilized by hackers in the first 6 months of the year.
Additionally, the arrival of the GDPR in May brought another layer of nuance to the cataloguing and reporting of data breaches. After the GDPR took effect, data protection authorities across the EU reported sizable spikes in the number of breaches submitted to their offices. How many will become public – or have already been disclosed and are only now making their way to regulators attention – remains to be seen.
Similar to Q1, fraud continues to hold the top spot for the breach type compromising the most records, accounting for 47.5% of exposed records. As with prior reports, the number of incidents attributed to hacking remains high, accounting for well over 50% of disclosed breaches.
Read more: Help Net Security