Digital Transactions Authoritative, insightful and timely information for payments professionals
The number of publicly reported data breaches nearly doubled during the first quarter compared to the same period a year ago, according to the Identity Theft Resource Center’s quarterly report, issued Tuesday.
The ITRC tracked 841 publicly reported data breaches during the first quarter, up from 442 during the same period in 2023, a 90% increase. In addition, the number of cyberattack-related breach notices without information about the root cause totaled 439 during the quarter, up from 166 a year ago.
The increase means that more than two-thirds of breach notices based on cyberattacks contain no information about the root cause. By comparison, less than 50% of cyberattack notices during the first quarter of 2023 lacked that information, the ITRC says.
The skyrocketing number of breaches during the first quarter is a troubling trend, as the first quarter of each calendar year tends to have the lowest number of reported data breaches, the ITRC says.
At the same time, the volume of breaches in the first quarter continues an accelerating rise in data breaches seen during 2023, when there were 3,205 data breaches, compared to 1,801 in 2022, a 78% increase, according to the ITRC.
“The dramatic increase in data compromises continues to concern us,” ITRC chief executive and president Eva Velasquez says in a statement.
Financial-services providers were primary targets of hackers, as the number of data breach notices from these companies increased more than three-fold during the quarter to 224, compared to 70 for the same period a year earlier. Attacks against professional services more than doubled to 100, becoming the third industry to publish more notices of triple-digit increases for the first quarter, the ITRC says.
Overall, attacks increased across 15 of 17 industries tracked by the ITRC.
Cyberattacks remain the primary cause of data breaches, totaling 642, followed by compromises caused by system or human errors (85), and physical attacks (11), the ITRC says.
Despite the dramatic jump in the number of data breaches, the number of victims decreased 72% from a year earlier, to 28,596,892, and were down 81% from the fourth quarter of 2023.“The decrease in victims impacted is a bit of good news, though still too high. We believe it is due to identity criminals launching more targeted attacks, which differ from tactics used five to 10 years ago,” Velasquez says in a statement. “With that said, it is critical that businesses and consumers continue to practice good password hygiene and transition to Passkeys when possible.” Passkey technology is said by some experts to be more secure than passwords.
