The number of individual records compromised by data breaches has declined by 41 percent during the first half of this year, compared to the same period last year, even as the number of breaches went up, according to a new report by Gemalto.
"Identity theft continues to be the leading type of attack," said Jason Hart, vice president and CTO for data protection at Gemalto.
Identity theft accounted for 472 breaches, or 53 percent of all attacks, and nearly 75 percent of compromised data records.
This was down slightly from last year's 474 attacks, but higher than 396 attacks in the first half of 2013.
Financial access was the next biggest motivator, with 197 attacks during the first half of this year, up steadily from 119 attacks in the first half of 2014, and just 97 attacks in the first half of 2014.
A total of 888 data breaches occurred during the first half of this year, Hart said, up 10 percent from last year, the company reported today, with a total of 246 million records compromised.
The decline in total records lost is due to the fact that there were fewer large-scale mega breaches this year compared to last.
So far this year, the largest breach was the Anthem Insurance breach, which exposed 79 million records. Other major breaches included the 21-million-record breach at the U.S. Office of Personnel Management, the 50-million-record breach at Turkey’s General Directorate of Population and Citizenship Affairs, and the 20-million-record breach at Russia’s Topface.
Percentage of outsider attacks
Another major shift compared to last year is that 62 percent of the breaches this year were attributed to malicious outsiders, up from 58 percent last year and 52 percent the year before.
An additional 22 percent of the breaches were due to accidental loss by employees, followed by 12 percent due to malicious insiders.
The United States reported the lion's share of breaches so far this year, 671 breaches, or 76 percent of the total.
According to Gemalto, this is due because of the strict data breach disclosure laws in the country.
European Union members are likely to start reporting more breaches next year when the European Commission adopts new data protection regulations.
Due to the Anthem and OPM breaches, the healthcare and government sectors accounted for the majority of breached records so far this year.
Specifically, the healthcare sector accounted for 34 percent of records lost, followed by government with 31 percent of records lost. The technology sector was responsible for 15 percent of lost records, retail for 8 percent, education for 6 percent, and financial for less than 1 percent.
However, in terms of the actual number of breaches, the healthcare sector accounted for just 21 percent of the total, down slightly from last year, and the financial industry was in second place with 16 percent of all breaches.
Sign up for Computerworld eNewsletters.