14 ‘mega-leaks,’ each resulting in over 10mil personal data records being compromised
Leaks via browsers and the cloud replace hard copies as most common channel
MORE than 40% of the volume of leaked personal data in 2014 originated from the banking and financial services industry, according to InfoWatch’s Global Data Leakage report for the year.
In 2014 alone, the banking and finance industry was involved in the leakage of 313 million personal data or 40.9% of the total personal data record leaks, the Data Leakage Protection (DLP) solutions vendor said in a statement.
These personal data leakages were attributed to 135 cases or close to 10% of the total number of cases of data leakage reported over the year, InfoWatch said.
Although the healthcare segment recorded the highest number of data leakage cases (352 cases), the personal data compromised were much lower in volume compared with the banking and finance industry – about 58 million or 7% of the total.
According to Natalya Kaspersky (pic above), chief executive officer of the InfoWatch Group of Companies and cofounder of Kaspersky Lab, data leakage is an old threat made new, more dangerous and more damaging due to current technology and the lack of data leakage prevention measures by organisations.
“Data leakage may soon overtake other threats when it comes to financial and reputation damage to organisations.
“For consumers, note that 92% of information leaked is personal data – so it is you and your personal information that is being put at risk when organisations do not take enough precautions to prevent leaks,” she added.
The InfoWatch Analytical Centre based the report on 1,395 cases of confidential information leaks, as reported in the media and other open sources, in 2014.
According to InfoWatch, over 767 million pieces of personal data were compromised, making up 92% of the type of information leaked, out of the 1,395 cases in 2014.
The report registered 14 ‘mega-leaks,’ where each incident resulted in a leak of over 10 million personal data records. Analyst at InfoWatch attributed 89% of all compromised data to mega-leaks.
Information breach leads the type of data breach with 1,120 cases, followed by data fraud and exceeding access rights.
The way data is being leaked is also changing, according to the report.
While paper or hard copy has traditionally been the most common channel of data leakage since InfoWatch began reporting in 2004, the latest report shows that leaks via browsers or the cloud have overtaken hard copy leaks.
In 2014, 448 cases or 35% of total data leakage were reported over browsers or the cloud. This a 28% increase from the total number of cases leaked via browser or the cloud in 2013.
“The way data is being leaked has moved from the traditional misappropriation of hard copies to channeling data out through browsers and the cloud,” said Kaspersky.
“For organisations, while the cloud offers seamless services and convenience of storage and access, data in the cloud needs to be better protected against leaks. This is especially true for the banking and financial services industries, healthcare and government sectors,” she added.
While accidental and incidental data leakage are relatively on par with each other, the current trend shows an 11% fall in intentional data leakage from the previous year.
Employees continue to be the main players in information leakage, involved in more than half of the total cases, with 1% of total confidentiality breach backed by senior executives of organisations.
The United States ranked first in global data leakage with 906 cases, followed by Russia and the United Kingdom in second and third place, with 167 cases and 85 cases respectively.
Preventing data loss, and the health of your business
Security industry to pay more attention to cyber-espionage: InfoWatch CEO
Linguistics, technology and protecting your data
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.