Risk Based Security
Issued in January 2016
Data Breaches and 2015 …
There were 3930 incidents reported during 2015 exposing 736 million records.
Four Hacking incidents alone exposed a combined 237.8 million records.
A single database mis-configuration exposed 191 million records on the Internet.
The Business sector accounted for 47.2% of reported incidents, followed by Unknown (19.9%), Education (13.9%), Government (12.2%), and Medical (6.8%).
The Business sector accounted for 51.4% of the number of records exposed, followed by Unknown (34.3%), Government (12.8%) and Medical (1.5%).
64.6% of reported incidents were the result of Hacking, which accounted for 58.7% of the exposed records.
Web accounted for 30.6% of the exposed records, but represented just 2.8% of the reported incidents.
Breaches involving U.S. entities accounted for 40.5% of the incidents and 64.7% of the exposed records.
55.4% of the incidents exposed between one and 1000 records.
288 incidents involved Third Parties
Forty-six incidents in 2015 exposed more than one million records.
Three of 2015 incidents have secured a place on the Top 20 All Time Breach List.
The number of reported incidents tracked by Risk Based Security has exceeded 18,900 exposing over 4.6 billion records.