Data Breach QuickView Report - Risk Based Security
Transcript of Data Breach QuickView Report - Risk Based Security
1|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
DataBreachQuickViewReport
2016DataBreachTrends–YearInReview
Sponsoredby:RiskBasedSecurity
IssuedinJanuary20172016Setsnewrecords,onceagain…• Therewere4,149breachesreportedduring2016exposingover4.2billionrecords–approximately3.2billionmorerecordsthanthepreviousalltimehighexposedin2013.• Top10breaches(9Hacks1and1Web)exposedacombined3billionrecords.• Top10Severityscoresaveraged9.96outof10.0.• TheBusinesssectoraccountedfor51%ofreportedbreaches,followedbyUnknown(23.4%),Government(11.7%),Medical(9.2%),andEducation(4.7%).• TheBusinesssectoraccountedfor80.9%ofthenumberofrecordsexposed,followedbyUnknown(13.1%),Government(5.6%),Medical(.3%),andEducation<.1%.• 53.3%ofreportedbreachesweretheresultofHacking,whichaccountedfor91.9%oftheexposedrecords.• Malwareaccountedfor4.5%ofthereportedbreaches,butrepresentedjust0.4%oftherecordscompromised.• BreachesinvolvingU.S.entitiesaccountedfor47.5%ofthebreachesand68.2%oftheexposedrecords.• 37.2%ofthebreachesexposedbetweenoneand1000records,50.4%ofbreachesexposedbetweenoneand10,000records.• 256breachesinvolvedThirdParties.• Ninety-four(94)breachesin2016exposedonemillionormorerecords.• Six(6)2016breacheshavetakentheirplaceontheTop10ListofAllTimeLargestBreaches.• InDecember2016,Yahooreportedthesinglelargestbreacheverdisclosed,impactingover1billionrecords.• ThenumberofreportedbreachestrackedbyRiskBasedSecurityhasexceeded23,700,exposingover9.2billionrecords.
1 Seepage16fordefinitions
Not Just Security, the Right Security.
2|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
TableofContents
2016COMPAREDTOTHEPRIORFOURYEARS..................................................................................3 2016BYINDUSTRYBYMONTH......................................................................................................3 2016ANALYSISBYBREACHTYPE...................................................................................................4 2016DATABREACHANALYSISBYTHREATVECTOR...........................................................................5 2016EXPOSEDRECORDSBYTHREATVECTOR..................................................................................5 2016ANALYSISBYDATAFAMILY...................................................................................................6 2016PERCENTAGEOFBREACHESEXPOSINGDATATYPESVS.2015.....................................................6 2016ANALYSISOFRECORDSPERBREACH.......................................................................................7 2016-BREACHTYPES/RECORDSEXPOSED–TOP5..........................................................................8 2016ANALYSISBYCOUNTRY.........................................................................................................8 2016ANALYSISBYCOUNTRY–TOP10...........................................................................................9 2016EXPOSEDRECORDSBYCOUNTRY–TOP10..............................................................................9 2016ANALYSISOFUSSTATERANKINGS.......................................................................................10 2016BREACHESINVOLVINGTHIRDPARTIES...................................................................................11 2016REPEATOFFENDERS...........................................................................................................12 2016–BREACHSEVERITYSCORING..............................................................................................12 2016–BREACHSEVERITYSCORES................................................................................................12 2016–BREACHSEVERITYSCORES–TOP10..................................................................................13 TOP20BREACHESALLTIME(EXPOSEDRECORDSCOUNT)................................................................14 METHODOLOGY&TERMS...........................................................................................................16
3|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
2016ComparedtothePriorFourYears
2016byIndustrybyMonth
3,334
2,612
3,275
4,326 4,149
-
500
1,000
1,500
2,000
2,500
3,000
3,500
4,000
4,500
5,000
2012 2013 2014 2015 2016
Number of Incidents by Year
525
1,106 1,095 822
4,281
2012 2013 2014 2015 2016
Number of Records Exposed (in millions) by Year
0
100
200
300
400
500
JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC
2016 Distribution of Incidents by Industry, by Month
Business Government Medical Education Unknown
0.0%
20.0%
40.0%
60.0%
80.0%
100.0%
JAN FEB MAR APR MAY JUN JUL AUG SEP OCT NOV DEC
2016 Distribution of Exposed Records by Industry, by Month
Business Government Medical Education Unknown
4|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
2016AnalysisbyBreachType
2213
482
203
185
167
137
133
128
120
105
0 1000 2000 3000
Hacking
Skimming
Phishing
Virus
Web
Lost, Missing, Stolen Hardware/Devices
FraudSe
Lost, Missing, Stolen Documents
Unknown
2016Incidents-Top10BreachTypes
92.5%
6.0%
1.2%
0.4%
0.0% 20.0% 40.0% 60.0% 80.0% 100.0%
Hacking
Web
Unknown
Virus
2016RecordsExposedbyBreachType
Hackingcontinuestodominateastheleadingbreachtype,withSQLinjectionapredominantmethod
utilized.
Stolenlaptops,oncealeadingcauseofdatacompromise,
accountedforonly67(1.6%)ofincidentsin2016.
Misconfigureddatabasesandotherinadvertentwebbaseddisclosuresexposedover253
millionrecordsin2016.
5|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
2016DataBreachAnalysisbyThreatVector
2016ExposedRecordsbyThreatVector ThreatVector RecordsExposedOutside 3,819,637,019Inside-Accidental 87,888,518Inside-Malicious 2,295,432Inside-Unknown 121,425,860Unknown 250,548,979Total 4,281,795,808
Top10Breaches–DataTypesandSeverityScores2
BreachType
RecordsExposed
PercentageofTotalExposed
DataType3 SeverityScore
Hack 1,000,000,000 23.35% DOB/EMA/MISC/NAA/NUM/PWD 10Hack 500,000,000 11.68% DOB/EMA/MISC/NAA/NUM/PWD 10Hack 412,214,295 9.63% EMA/IP/MISC/PWD/USR 10Hack 360,213,024 8.41% EMA/PWD/USR 10Hack 203,419,083 4.75% ADD/DOB/FIN/MISC/NAA/NUM 10Hack 154,000,000 3.60% ADD/EMA/MISC/NAA/NUM 10Hack 127,343,437 2.97% DOB/EMA/NAA/PWD/USR 9.70Hack 98,167,935 2.29% EMA/MISC/PWD/USR 9.59Web 93,424,710 2.18% ADD/DOB/MISC/NAA 9.82Hack 93,338,602 2.18% EMA/NAA/NUM/PWD 10
Thetop10breachesexposed3,042,121,086records,or71%ofthetotalrecordsexposedin2016
2 See page 13 for additional detail on these incidents. 3 See page 17 for a description of abbreviations.
162
206
242
313
3226
- 500 1,000 1,500 2,000 2,500 3,000 3,500
Unknown
Inside-Malicious
Inside-Unknown
Inside-Accidental
Outside
2016 Number of Incidents by Threat Vector
Only18.3%ofincidentsweretheresultofinsider
activity
56.3%ofincidentsoriginatingfrommaliciousinsidershadnoconfirmedrecordcount,while39.3%ofincidentsoriginatingfrominsider
accidentshadnoconfirmedcount
6|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
2016AnalysisbyDataFamily
PercentageofTotalBreaches
PercentageofTotalExposed
RecordsPercentageofTotalBreaches
PercentageofTotalExposed
RecordsDataFamily 2015 2015 2016 2016Electronic 89.5% 99.6% 90.9% 99.9%Physical 7.1% <0.15% 6% <.1%Unknown 3.0% <0.15% 2.7% <.1%
Whilethevastmajorityofbreachesimpactelectronicdata,regulatorsinboththeUnitedStatesandtheU.K.havedemonstrated an interest in pursuing actions against organizations for mishandling documents. On August 10th,2016,theUK’sInformationCommission’sOfficefinedtheHampshireCountyCouncil£100,00forleavingconfidentialrecordsbehindinavacatedbuilding.IntheU.S.,onMarch1st,HealthandHumanServicesOfficeofCivilRightsfinedLincareHoldingsatotalof$239,800afteramanagermovedoutofherhouse, leavingbehindconfidentialmedicalfilescontainingprotectedhealthinformation.
2016AnalysisbyDataType–PercentageofBreaches
2016PercentageofBreachesExposingDataTypesvs.2015
DataType 2015 2016Password 49.9% 38.1%eMail 45.5% 42.6%UserName 37.7% 21.6%Name 29.4% 35.1%
7.4%
9.9%
12.3%
13.1%
19.3%
17.2%
16.4%
20.4%
21.6%
35.1%
38.1%
42.6%
0.0% 10.0% 20.0% 30.0% 40.0% 50.0%
Medical
Financial Account Numbers
Phone Number
Unknown
Credit Card Number
Misc.
Social Security Number
Address
User Name
Name
Password
2016IncidentsbyDataTypeExposed
42.6%ofdatabreachesexposedeMailAddresses.
PasswordsandeMailAddressesremainaprize
target.
Althoughthenumberofincidentsimpactingaccesscredentialsdeclinedin
2016,thenumberofpasswordsimpactedskyrocketed,from151million
in2015toover3.2billionin2016
7|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
2016AnalysisbyIndustrySubBusinessType
• Unknown4andBusinesssubtypesremaininthetoptwospotswithRetailcominginat
numberthreeinnumberofbreaches.• Lookingaheadto2017,IndustrysubtypeswillbeupdatedtoalignwithNAICSEconomic
Sectors
2016AnalysisofRecordsperBreach
ExposedRecordsNumberofBreaches
PercentofTotal
Unknown 1606 38.7%1to100 769 18.5%
101to1,000 777 18.7%1,001to10,000 546 13.2%
10,001to100,000 230 5.5%100,001to500,000 101 2.4%500,001to999,999 24 0.6%
1Mto10M 58 1.4%>10M 36 0.9%
4 Incertainsituations,thepartyresponsibleforthebreachcannotbeidentifiedwithcertainty.Whenthishappens,themarker“UnknownOrganization”isusedandtheassociatedbusinesstypeandsub-typearealso“Unknown”.
2.2%
2.1%
1.9%
3.5%
3.6%
4.7%
4.9%
7.6%
7.4%
10.7%
8.1%
11.1%
23.5%
0.0% 5.0% 10.0% 15.0% 20.0% 25.0%
CityGovernment
Hospitals
Media
Universimes
Industry
FederalGovt.
Organizamons
Medical
Financial
Retail
Technology
Business
Unknown
2016IncidentsbySubSector
In2016,thenumberofbreachesexposingmorethan10millionrecords
increased125%over2015.
8|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
2016-BreachTypes/RecordsExposed–Top5 BreachCategory Numberof
BreachesNumberofRecords
ExposedAverageRecords
perBreachPercentofTotalRecordsExposed
Hacking 2213 3,915,227,460 1,769,195 91.44%Web 167 253,355,867 1,517,101 5.92%Unknown 120 50,901,084 424,176 1.19%Virus 185 15,794,286 85,375 0.37%AllOther 1464 46,517,116 31,774 1.09%
BreachestakingplaceatFriendFinderNetworks,MyspaceandYahoo-allclassifiedashackingincidents-accountedformorethan2.2billionrecordscompromised.
2016AnalysisbyCountry
• Therewere102countriesreportingatleastonedatabreachin2016.• TheTop10countriesaccountedfor64.4%ofthebreaches.• DisclosedbreacheventsinBraziljumped92.3%in2016comparedto2015,with
72%oftheincidentstakingplacepriortothesummerOlympics.
21.1%
47.5%
31.4%
Unknown
USA
Other
2016IncidentsbyLoca^on
12.4%
68.2%
19.4%
Unknown
USA
Other
2016RecordsExposedbyLoca^on
9|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
2016AnalysisbyCountry–Top10
2016ExposedRecordsbyCountry–Top10ExposedRecordsRanking
NumberofBreaches Country TotalExposed
Records
AverageRecordsper
Breach
MedianNumberofRecords
PercentageofExposedRecords
1 1971 UnitedStates 2,919,677,558 1,956,888 1,224 68.19%2 49 RussianFederation 259,738,619 5,300,788 533 6.07%3 9 Mexico 93,427,863 10,380,874 554 2.18%4 38 France 86,337,303 2,272,034 359 2.02%5 11 Philippines 75,306,058 6,846,005 37 1.76%6 119 Canada 73,083,967 614,151 86 1.71%7 19 China 54,885,226 2,888,696 5,116 1.28%8 13 Japan 43,017,377 3,309,029 149,006 1.00%9 19 Iran 35,333,504 1,859,658 13 0.83%10 7 Taiwan 30,033,018 4,290,431 16,483 0.70%
37
38
48
49
59
71
75
119
204
1971
Syrian Arab Republic
France
Italy
Russian Federation
Australia
India
Brazil
Canada
United Kingdom
United States
2016 Incidents by Country - Top 10
USAandUKaccountfor52.4%ofbreaches.
TenbreachesintheUnitedStatesaccountedforroughly2.7billionofthe2.9billionrecordsexposed.Themediannumberofrecordslost–derivedfrombreacheswithaconfirmedrecordcount-bolstersthefindingsintheAnalysisofRecordsPerBreachtablewith50.4%ofbreachesexposingbetween1and10,000recordsand37.2%ofbreachesexposebetween1and1,000records.
10|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
2016AnalysisofUSStateRankings
• IndianaandPennsylvaniajustmissedmakingtheTopTenlist,with49and46
breachesrespectively.
ExposedRecordsRanking
USState
TotalExposedRecords
NumberofBreaches
ExposedRecords/Breach
PercentageofUSAExposedRecords
1 CA 2,349,731,591 234 10,041,588 80.48%
2 NY 142,802,652 104 1,373,102 4.89%
3 TX 60,374,939 105 574,999 2.07%
4 VA 49,966,475 60 832,774 1.71%
5 DE 33,407,985 4 8,351,996 1.14%
6 LA 10,265,379 12 855,448 0.35%
7 NC 8,287,075 37 223,975 0.28%
8 WA 6,438,745 39 165,096 0.22%
9 AZ 4,896,525 41 119,427 0.17%
10 OH 4,398,316 53 82,987 0.15%
• Californiaaloneaccountedfor54.9%ofthetotalrecordscompromisedin2016.• TopTenstatesrepresent91.47%ofrecordsexposedintheUSA.
234113
105104
6360
56545351
CAFLTXNYMAVAMIWIOHIL
2016IncidentsbyUSState-Top10
Thetop10statesrepresent52.1%of
USincidents.
11|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
2016BreachesInvolvingThirdParties
• Businessorganizationsaccountformorethanhalfofthe3rdPartybreaches• Hackingisthedominatebreachtypeimpacting3rdParties
11%
6%
55%
27%
1%
2016 Third Party Breaches by Business Type
Medical
Government
Business
Unknown
Educamon
80
34
18 15 15 13 13 9 9 8
0
10
20
30
40
50
60
70
80
90
2016ThirdPartyBreachesbyBreachType-Top10
12|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
2016RepeatOffendersOne hundred twenty three (123) organizations reported multiple data breaches in2016 123organizations reported twoormorebreachesduring theyear,with37%of thoseorganizations reportingthreeormorebreaches. It is always challenging todrawdefinitive conclusions as towhy someorganizationsexperiencemultipledatalosseventsinarelativelyshortperiodoftime.However,eventsin2016madeitclearthatonceaninvestigationisunderway,organizationsshouldbepreparedforthepossibilityofadditionalbreachdiscoveries.EventsatYahooandMossackFonsecaserveasusefulexamplesofthis.Afterthedamagingleakofmillionsofdocumentscontainingdetailsofclients’sensitivefinancialaffairs,MossackFonsecalaunchedintoanextensiveinvestigationofthebreach.Withintwomonths,theinvestigationhadidentifiedasecond,unrelatedincidentofmalicious insideractivity.EventsatYahoounfolded inmuchthesameway. It seemedunlikely theSeptember disclosure that 500million user details had been compromisedwould ultimately lead to amuchlargerbreach.UnfortunatelyforYahoo,thebreachinvestigationuncoveredthelargest incidenteverreported,impactingover1billionuseraccountsaswellasindicatingproprietarycodehadbeencompromisedandusedintheattack.
2016–BreachSeverityScoringWe can all readily agree that not all data breaches are created equal.Where disagreement arises is when weattempttoratethe‘severity’or‘impact’ofabreach.AtRiskBasedSecuritywehavecombinedourknowledgeofthe security industry, business experience and our comprehensive data breach information to calculate a DataBreachSeverityScore.Takingintoaccountinformationsuchas,thetotalnumberofrecordsexposed,thetypeofdata exposed, the breached organization’s industry, the threat vector responsible for the breach, the type ofbreachtriggeringtheexposure/lost,thenumberofthirdpartiesassociatedwiththebreach,wehaveimplementedasystemindicatingtherelativeseverityofeachbreachinourdatabase.OurSeverityScoresrangefrom.1to10.0.
2016–BreachSeverityScores
0
100
200
300
400
500
600
9.0 - 10.0 8.0 - 8.99 7.0 - 7.99 6.0 - 6.99 5.0 - 5.99 4.0 - 4.99 3.0 - 3.99 2.0 - 2.99 1.0 - 1.99 < 1
Num
ber
of In
cide
nts
Breach Severity Scores by Quarter
1Q2016 2Q2016 3Q2016 4Q2016
13|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
2016–BreachSeverityScores–Top10
Organization Top10Summary Score
Yahoo(Hacking)Over1,000,000,000customernames,emailaddresses,phonenumbers,datesofbirth,andhashedpasswords,aswellasanunknownnumberofsecurityquestionsandanswersstolenbyhackersusingstolenproprietarycode
10
Yahoo(Hacking)500,000,000usernames,emailaddresses,phonenumbers,datesofbirth,hashedpasswordsandsomesecurityquestionsandassociatedanswerscompromised.
10
FriendFinderNetworks,Inc.
(Hacking)412,214,295memberemailaddresses,usernames,andencryptedpasswords,aswellasroughly30,000,000memberIPaddressesandmembershipstatuses,anunknownamountofsourcecode,andanunknownnumberofemployeenames,homeIPaddresses,andVPNserveraccesskeysstolenbyhackersexploitingaLocalFileInclusionvulnerability
10
MySpace(Hacking)360,213,024useraccountrecordscontainingSHA1encryptedpasswords,emailaddresses,111,341,258usernames,and68,493,651secondarypasswordsstolenandmadeavailableforsaleontheInternet
10
UnknownOrganization
(Hacking)203,419,083customernames,addresses,genders,phonenumbers,datesofbirth,ethnicities,religions,primarylanguages,maritalstatuses,incomedetails,creditratings,andotherassortedpersonalandfinancialdetailsstolenandputofforsaleonthedarkwebbyhackersincorrectlylabelingitascomingfromExperian
10
UnknownOrganization/L2,Inc.
(Hacking)154,000,000names,addresses,phonenumbers,politicalaffiliations,incomeranges,ethnicities,ages,andvotinghistories,aswellasanunknownnumberofemailaddresses,socialmediaprofiles,andpoliticalpollresultsofUnitedStatesvotersdiscoveredonanunsecuredGoogleserverafterbeingstolen.
10
UnknownOrganization/VK
(Hacking)93,338,602useraccountswithnames,emailaddresses,phonenumbersandcleartextpasswordsstolenin2012andofferedforsaleontheInternet
10
VerticalScopeInc.
(Hacking)Nearly45,000,000emailaddresses,usernames,IPaddresses,andweaklyencryptedpasswordsforaccountsonover1,100websitesandcommunitiesstolen.
9.95
RepublicofthePhilippinesCommissiononElections(COMELEC)
(Hacking)75Mvoternames,datesofbirth,emailaddress,genders,addresses,precinctnumbers,disabilities,identificationnumbers,andregistrationrecordnumbers,aswellas1.3Mpassportnumberswithexpirydates,15.8Mfingerprints,andthedatabaseschema,leakedontheInternet
9.87
MovimientoCiudadano
(Web)93,424,710voternames,addresses,datesofbirth,occupations,anduniquevotingcredentialcodesdiscoveredonanunsecuredAmazoncloudserver
9.83
14|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
Top20BreachesAllTime(ExposedRecordsCount)
BreachReportedDate Summary Records
ExposedOrganization’s
NameIndustry-Sector
BreachLocation
HighestAllTime12/14/2016
Whileinvestigatingthe#2incidentonthislist,asecondhackingeventwasdiscoveredtargetingusernames,emailaddresses,phonenumbers,datesofbirth,hashedpasswordsandsecurityquestionsandassociatedanswers.
1Billion Yahoo Business-Technology
UnitedStates
Number29/22/2016
Hackexposesusernames,emailaddresses,phonenumbers,datesofbirth,hashedpasswordsandsecurityquestionsandassociatedanswers.
500Million Yahoo Business-Technology
UnitedStates
Number310/18/2016
HackersexploitaLocalFileInclusionvulnerability,compromisingmember emailaddresses,usernames,andencryptedpasswords,IPaddressesandmembershipstatuses.
412Million FriendFinderNetworks,Inc Business United
States
Number45/27/2016
HackexposesuseraccountrecordscontainingSHA1encryptedpasswords,emailaddresses.
360Million MySpace Business UnitedStates
Number58/22/2014
Hackofwebsitesexposesnames,registrationnumbers,usernamesandpasswords.
220MillionOrganization’sNamehasnotbeenreported
Unknown SouthKorea
Number612/3/2016
Hackersofferforsaleadatabasecontainingnames,addresses,genders,phonenumbers,datesofbirth,ethnicities,religions,primarylanguages,maritalstatuses,incomedetails,creditratings,andotherassortedpersonalandfinancialdetails.
203MillionOrganization’sNamehasnotbeenreported
Unknown Unknown
Number710/19/2013
Fraudulentaccountcreatedgainingaccesstocreditcardnumbers,socialsecuritynumbers,names,andfinancialaccountnumbers.
200Million CourtVentures,Inc. Business-Data United
States
Number812/28/2015
Mis-configureddatabaseexposesvoternames,datesofbirth,addresses,phonenumbers,politicalpartyaffiliations,andgenders.
191MillionOrganization’sNamehasnotbeenreported
Unknown UnitedStates
15|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
BreachReportedDate Summary Records
ExposedOrganization’s
NameIndustry-Sector
BreachLocation
Number96/21/2014
Hackexposestripdetailsofcustomersafterde-anonymizingMD5hashes
173MillionNYCTaxi&LimousineCommission
Government-City
UnitedStates
Number106/23/2016
HackexposesUSAvoterinformation. 154Million
Organization’sNamehasnotbeenreported
Unknown UnitedStates
Number1110/3/2013
Hackexposedcustomernames,IDs,encryptedpasswordsanddebit/creditcardnumberswithexpirationdates,sourcecodeandothercustomerorderinformation.
152Million AdobeSystems,Inc.
Business-Technology
UnitedStates
Number123/17/2012
Firmmayhaveillegallyboughtandsoldcustomers'information 150Million
ShanghaiRoadwayD&BMarketingServicesCo.
Ltd
Business-Data China
Number135/21/2014
Hackexposesnames,encryptedpasswords,emailaddresses,registeredaddresses,phonenumbersanddatesofbirth.
145Million eBay,Inc. Business-Retail
UnitedStates
Number146/8/2013
NorthKoreanHackersexposeemailaddressesandidentificationnumbers
140MillionOrganization’sNamehasnotbeenreported
Unknown SouthKorea
Number151/20/2009
Hack/MaliciousSoftwareexposescreditcardsatprocessor
130MillionHeartlandPaymentSystems
Business-Finance
UnitedStates
Number166/2/2016
Hackexposesusernames,emailaddresses,hashedpasswords,names,datesofbirthandsoldonInternet.
127Million BadooTradingLimited Business United
Kingdom
Number176/2/2016
HackexposesemailaddressesandpasswordhashesandofferedorsaleontheInternet.
117Million LinkedInCorporation
Business-Technology
UnitedStates
Number1812/18/2013
HackexposedcustomerPII,emailaddresses,aswellascredit/debitcardnumberswithexpirationdates,PINsandCVV.
110Million TargetBrands,Inc.
Business-Retail
UnitedStates
Number199/2/2014
Hackexposedthedetailsfrom56millionpaymentcardsandanadditional53millioncustomeremailaddresses.
109Million HomeDepot Business-Retail
UnitedStates
Number201/20/2014
Fraudexposescreditcardnumbers,socialsecuritynumbers,andphonenumbers.
104Million
KoreaCreditBureau
Business-Financial
SouthKorea
16|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
Methodology&TermsRisk Based Security’s proprietary application crawls the Internet 24x7 to capture and aggregate data breachbreaches for our researchers to analyze. In addition, our researchers, in partnership with the Open SecurityFoundation,manuallyscournewsfeeds,blogs,andotherwebsites lookingfornewdatabreachesaswellaspastbreaches that requiring updating. The database also includes information obtained through Freedom ofInformationAct(FOIA)requeststoobtainbreachnotificationdocumentsasaresultofstatenotificationlegislation.Definitions:PrimaryIndustrytypes/sectorsarereportedasBusiness,Educational,Government,MedicalandUnknown.Each primary industry/sector is further defined by one of the following subtypes: Retail, Financial, Technology,Medical (Non-Hospital and non-Medical Provider), Federal Government, Data Services/Brokerage, Media,University, Industry, StateGovernment,Not-For-Profit, CountyGovernment,Organization,Hospital,High School,Insurance,CityGovernment,Hotel,Legal,ElementarySchool,Educational,Business,Government,ServiceProvider,andAgriculture.DataTypes:Name,Address,DateofBirth,Email,UserName,Password,SocialSecurityNumber,CreditCardorDebitCardNumber,MedicalInformation,FinancialInformation,AccountInformation,PhoneNumbers,IntellectualProperty,andUnknown.BreachTypesaredefinedasfollows:Name DescriptionDisposalComputer DiscoveryofcomputersnotdisposedofproperlyDisposalDocument DiscoveryofdocumentsnotdisposedofproperlyDisposalDrive DiscoveryofdiskdrivesnotdisposedofproperlyDisposalMobile DiscoveryofmobiledevicesnotdisposedofproperlyDisposalTape DiscoveryofbackuptapesnotdisposedofproperlyEmail EmailcommunicationexposedtounintendedthirdpartyFax FaxcommunicationexposedtounintendedthirdpartyFraudSE Fraudorscam(usuallyinsider-related),socialengineeringHack Computer-basedintrusionLostComputer Lostcomputer(unspecifiedtypeinmediareports)LostDocument Discoveryofdocumentsnotdisposedofproperly,notstolenLostDrive Lostdatadrive,unspecifiedifIDE,SCSI,thumbdrive,etc.)LostLaptop Lostlaptop(generallyspecifiedasalaptopinmediareports)LostMedia Media(e.g.disks)reportedtohavebeenlostbyathirdpartyLostMobile Lostmobilephoneordevicesuchastablets,etc.LostTape LostbackuptapesMissingDocument Missingdocument,unknownordisputedwhetherlostorstolenMissingDrive Missingdrive,unknownordisputedwhetherlostorstolenMissingLaptop Missinglaptop,unknownordisputedwhetherlostorstolenMissingMedia Missingmedia,unknownordisputedwhetherlostorstolenOther MiscellaneousbreachtypenotyetcategorizedPhishing MasqueradingasatrustedentityinanelectroniccommunicationtoobtaindataSeizure ForcibletakingofpropertybyagovernmentlawenforcementofficialSkimming Usingelectronicdevice(skimmer)toswipevictims’credit/debitcardnumbersSnailMail Personalinformationin"snailmail"exposedtounintendedthirdpartySnooping ExceedingintendedprivilegesandaccessingdatanotauthorizedtoviewStolenComputer Stolendesktop(orunspecifiedcomputertypeinmediareports)StolenDocument Documentseitherreportedorknowntohavebeenstolenbyathirdparty
17|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
Name DescriptionStolenDrive Stolendatadrive,unspecifiedifIDE,SCSI,thumbdrive,etc.StolenLaptop StolenLaptop(generallyspecifiedasalaptopinmediareports)StolenMedia MediagenerallyreportedorknowntohavebeenstolenbyathirdpartyStolenMobile Stolenmobilephoneordevicesuchastablets,etc.StolenTape StolenbackuptapesUnknown UnknownorunreportedbreachtypeVirus ExposuretopersonalinformationviavirusorTrojan(possiblyclassifiedashack)Web Web-basedintrusion,dataexposedtothepublicviasearchengines,publicpagesDataTypeDefinitionsAbbreviation DescriptionCCN CreditCardNumbersSSN SocialSecurityNumbers(orNon-USEquivalent)NAA NamesEMA EmailAddressesMISC MiscellaneousMED MedicalACC AccountInformationDOB DateofBirthFIN FinancialInformationUNK UnknownPWD PasswordsADD AddressesUSR UserNameNUM PhoneNumberIP IntellectualPropertyNOWARRANTY.RiskBasedSecurity, Inc.makesthisreportavailableonan“As-is”basisandoffersnowarrantyasto itsaccuracy,completeness or that it includes all the latest data breach breaches. The information contained in this report isgeneral in natureand shouldnot beused toaddress specific security issues.Opinionsand conclusionspresentedreflect judgmentat the timeofpublicationandaresubject tochangewithoutnotice.Anyuseof the informationcontainedinthisreportissolelyattheriskoftheuser.RiskBasedSecurity,Inc.assumesnoresponsibilityforerrors,omissions,ordamagesresultingfromtheuseoforrelianceontheinformationherein.Ifyouhavespecificsecurityconcerns please contact Risk Based security, Inc. for more detailed data loss analysis and security consultingservices.
18|DataBreachIntelligenceCopyright©2017RiskBasedSecurity,Inc.Allrightsreserved.
AboutRiskBasedSecurity
RiskBasedSecurity(RBS)providesdetailedinformationandanalysisonDataBreaches,VendorRiskRatingsandVulnerabilityIntelligence.Ourproducts,CyberRiskAnalytics(CRA)andVulnDB,provideorganizationsaccesstothemostcomprehensivethreatintelligenceknowledgebasesavailable,includingadvancedsearchcapabilities,accesstorawdataviaAPI,andemailalertingtoassistorganizationsintakingtherightactionsinatimelymanner.Inaddition,ourYourCISOofferingprovidesorganizationswithon-demandaccesstohighqualitysecurityandinformationriskmanagementresourcesinone,easytousewebportal.
VulnDBisthemostcomprehensiveandtimelyvulnerabilityintelligenceavailableandprovidesactionableinformationaboutthelatestinsecurityvulnerabilitiesviaaneasy-to-useSaaSPortal,oraRESTfulAPIforeasyintegrationintoGRCtoolsandticketingsystems.VulnDBallowsorganizationstosearchonandbealertedtothelatestvulnerabilities,bothinend-usersoftwareandthethird-partylibrariesordependenciesthathelpbuildapplications.AsubscriptiontoVulnDBprovidesorganizationswithsimpletounderstandratingsandmetricsontheirvendorsandproducts,andhoweachcontributestotheorganization’srisk-profileandcostofownership.
CyberRiskAnalytics(CRA)providesactionablethreatintelligenceaboutorganizationsthathavehadadatabreachorleakedcredentials.Thisenablesorganizationstoreduceexposuretothethreatsmostlikelytoimpactthemandtheirvendorbase.Inaddition,ourPreBreachvendorriskrating,theresultofadeep-viewintothemetricsdrivingcyberexposures,areusedtobetterunderstandthedigitalhygieneofanorganizationandthelikelihoodofafuturedatabreach.TheintegrationofPreBreachratingsintosecurityprocesses,vendormanagementprograms,cyberinsuranceprocessesandriskmanagementtoolsallowsorganizationstoavoidcostlyriskassessments,whileenablingbusinessestounderstanditsriskposture,actquicklyandappropriatelytoproactivelyprotectitsmostcriticalinformationassets.
YourCISOprovidesorganizationswithon-demandaccesstohighqualitysecurityandinformationriskmanagementresourcesinone,easytousewebportal.YourCISOprovidesorganizationreadyaccesstoaseniorexecutivesandhighlyskilledtechnicalsecurityexpertswithaproventrackrecord,matchedspecificallytoyourneeds.TheYourCISOserviceisdesignedtobeanaffordablelongtermsolutionforaddressinginformationsecurityrisks.YourCISObringstogetheralltheelementsanorganizationneedstodevelop,documentandmanageacomprehensiveinformationsecurityprogram.
Formoreinformation,pleasevisit:https://www.riskbasedsecurity.com/https://vulndb.cyberriskanalytics.com/https://www.cyberriskanalytics.com/https://www.yourciso.com/orcall855-RBS-RISK.