Verizon study: data breaches quintupled in 2010

In 2010 the number of breaches skyrocketed to 760 from 141 the year before, according to the "2011 Verizon Data Breach Investigation Report"

Criminals carried out more but smaller data thefts last year than in previous years, indicating a shift toward simpler exploits that run lower risk of punishment, according to Verizon's latest data breach report.

In 2010 the number of breaches skyrocketed to 760 from 141 the year before, according to the "2011 Verizon Data Breach Investigation Report".  At the same time the number of actual records compromised by the breaches plummeted from 144 million in 2009 to 4 million in 2010.

TIPS: Verizon's 12-Step security program

On average, then, in 2009 the number of records stolen per breach was about 1.02 million. For 2010 that number was 5,263.

What's going on? The type of data being sought by criminals shifted from payment card numbers to intellectual property, information about business processes and deals being made between businesses, says David Ostertag, global investigations manager for Verizon.

"With intellectual property they may get one record but it will have a much higher value than one payment card record," Ostertag says.

In cases where payment card information was stolen, the number of records taken per breach was much less, indicating that criminals are trying to minimize the attention they draw, he says. "There's less chance of being caught because fewer resources are being applied to catch them," he says.

That may already be changing, though, with early results from 2011 indicating a surge in high-volume data breaches. The motivation may be that stockpiles of stolen card data have been depleted over the past year and more are needed to replenish them. "Supply and demand has a lot to do with it," he says. "The bad guys need a new supply."

HISTORY: Smartphone security follies

Also anecdotally, there seems to be a recent uptick in unauthorized peer-to-peer traffic on networks, Ostertag says, which could be criminals doing research and development on ways to send data out once it has been compromised.

"They're better at getting in, but not at exfiltrating the data," he says.

Threats from outside businesses has also jumped dramatically from 70% to 92%, which may be due to commoditized attack tools that are simpler to use and therefore used more often,  he says.

Hospitality, retail and financial services industries accounted for 87% of all the investigated data breaches.

Financial institutions in previous years accounted for 90% or more of compromised records, but that fell dramatically in 2010 to 35%. The reason is some breaches in past years that involved millions of records were from financial institutions. Also, criminals may be focusing more on other thefts than credit card numbers. These include theft of intellectual property, authentication data, and turning machines into bots to serve botnets, the report says.

One deceptive result is the 17% of attacks involving insiders. That is a drop from 48% in 2009, but the actual number of insider breaches remains about the same. So the threat to businesses from insiders has stayed relatively constant; it's just the total number of breaches that has dramatically increased to skew the percentage, says

Mobile devices have not been seen compromising systems, Ostertag says, but they have been used in compromising data.

Read more about wide area network in Network World's Wide Area Network section.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cybercrimelegalanti-malware

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Tim Greene

Tim Greene

Network World
Show Comments

Cool Tech

Bang and Olufsen Beosound Stage - Dolby Atmos Soundbar

Learn more >

Toys for Boys

Nakamichi Delta 100 3-Way Hi Fi Speaker System

Learn more >

Sony WF-1000XM3 Wireless Noise Cancelling Headphones

Learn more >

ASUS ROG, ACRONYM partner for Special Edition Zephyrus G14

Learn more >

Family Friendly

Philips Sonicare Diamond Clean 9000 Toothbrush

Learn more >

Mario Kart Live: Home Circuit for Nintendo Switch

Learn more >

Stocking Stuffer

SunnyBunny Snowflakes 20 LED Solar Powered Fairy String

Learn more >

Teac 7 inch Swivel Screen Portable DVD Player

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?