Data Breaches Hit Record in 2016

Data Breaches Hit Record in 2016
Fotolia

U.S. companies and government agencies suffered a record 1,093 data breaches last year, a 40 percent increase from 2015, according to the  Identity Theft Resource Center, Bloomberg reports. Headline-grabbing hacks, with victims ranging from Wendy’s to the Democratic National Committee, are increasing despite regulatory scrutiny and more aggressive cyber-security spending.

Worldwide spending on security-related hardware, software and services rose to $73.7 billion in 2016 from $68.2 billion a year earlier, according to researcher IDC. And that number is expected to approach $90 billion in 2018. “We are extremely confident that breaches are undiscovered and under-reported, and we don’t know the full scope,“ Eva Casey Velasquez, chief executive officer of the  Identity Theft Resource Center, said in an interview. “This isn’t the worst-case scenario we are looking at; this is the best-case scenario.“

Data breaches in 2016 exposed everything from social security numbers to user account log-in names and passwords. Attacks known as phishing, in which an employee is tricked into clicking an e-mailed link to give hackers access to a corporate network, accounted for about 56 percent of all breaches last year, according to the center. That’s up from 38 percent in 2015. In many cases, employees received an e-mail purporting to be from their company’s chief executive officer or other high-level managers.

Criminals can use stolen information such as social security numbers, addresses and names to file false tax returns, order credit cards and to siphon money out of consumers’ bank accounts. Adam Levin, chairman of the security company CyberScout, which sponsored the report, said training employees about data privacy and security is essential. “A lot of companies don’t do it,“ he said.

The Identity Theft Resource Center, which has been tracking breaches since 2005, compiles its reports using data listed on state regulators’ web sites, as well as by filing Freedom of Information Act requests with various government agencies. Many data breaches still aren’t included in these numbers.