As many governments around the world finally begin to address the ever-growing data privacy problems — GDPR and Australia’s Notifiable Data Breaches scheme to name but a few — a stark reality into the current state of data protection has been unveiled. According to the latest figures from the Gemalto Breach Level Index 4.5 billion records were compromised in the first six months of 2018.
The US comes out the worst, with 3.25 billion records affected and 540 breaches — an increase of 356% in the last month and 98% over the same period in 2017.
The financial impact of data breaches is just the beginning
A total of six social media breaches, including the Cambridge Analytica-Facebook incident, accounted for over 56% of total records compromised. Of the 945 data breaches, 189 (20% of all breaches) had an unknown or unaccounted number of compromised data records.
“Obviously, this year social media has been the top industry and threat vector for the compromise of personal data, a trend we can expect to continue with more and more sectors leveraging these platforms to reach key audiences, especially political teams gearing up for major elections,” said Jason Hart, vice president and chief technology officer for data protection at Gemalto. “We also expect to see more data breaches reported by European Union countries bound by the new General Data Protection Regulation and in Australia with the new Notifiable Data Breaches law. We should be careful not to misconstrue this as an increase in overall incidents in these areas but rather as a more accurate reflection of what is actually going on.”
Europe was well behind America seeing 36% few incidents, but there was a 28% rise in the number of records breached indicating growing severity of attacks. The United Kingdom was the worst hit in its region suffering 22 data incidents.
Hart added: “While the UK may appear to have its house in order, only two breaches reported happened after public disclosure became mandatory under GDPR. This means the true picture is as yet unknown, and we could soon see a wake-up call similar to the one Australia is experiencing with its legislation in full effect. Only once this happens will we be able to understand whether GDPR is having its intended effect and if business leaders are making cyber security a priority.”