Equifax’s recent breach may be just a drop in the data-breach bucket by the end of 2017, according to new research out this week from digital security company Gemalto.
The Amsterdam-based company reported that 918 data breaches compromised 1.9 billion data records worldwide during the first six months of this year — a rate that works out to more than 10 million records a day and 122 records every second. Overall, the number of records exposed rose 164% in the first half of the year, it said.
For the most part, malicious outsiders were to blame for the breaches, but the data also suggested that malicious insiders are a growing threat: The number of records they compromised ballooned over 4,000% in the first half of the year to 20 million.
The alarming rise in data breaches isn’t happening everywhere, however. Europe only had 49 data breaches in the first six months of the year and actually experienced a 35% drop from the previous six months, Gemalto reported.
“Traditionally, North America has always had the largest number of publicly disclosed breaches and associated record numbers, although this is poised to change in 2018 when global data privacy regulations like the European General Data Protection Regulation (GDPR) and Australia’s Privacy Amendment (Notifiable Data Breaches) Act are enforced,” it said.
The Equifax breach, arguably one of the most controversial in recent years, seems to have reignited a push among credit union industry leaders here in the United States for tougher regulations on companies that possess personal data.
Among them is New York Credit Union Association president/CEO William J. Mellin, who said in a scathing public statement Tuesday that the breach highlights the need for tougher state-level cybersecurity standards if Congress does not create federal data-protection standards.
“The Equifax data breach and their bungled response yet again underscore the need for a robust cybersecurity framework at the federal level. The bottom line is, what we’re doing now from a cybersecurity standpoint is just not working,” he stated.
“Far too often we are seeing the same reaction from organizations that have failed to adequately protect consumers’ data: a press release that’s light on details released long after the breach was discovered; a year of free credit monitoring; and an apology and a commitment to do better. That’s no longer enough,” Mellin added.
Mellin called for uniform standards for managing confidential information and better recourse for credit unions that bear the recovery costs of data breaches.
“Every business and entity that collects or stores this type of information should be subject to the same strict standards. And if Congress cannot act unilaterally to solve the gaping holes in our nation’s cyber-infrastructure, then the state of New York should,” he said.
Gemalto’s research comes on the heels of similar findings released in July by Richmond, Virginia-based cyberanalytics firm Risk Based Security. It found that the total number of records compromised in the first half of 2017 due to data breaches is already higher than all of 2016.
