ICFE eNEWS #17-05 - February 1st 2017
View this eNEWS online

Data breaches in 2016 hit an all-time record high

By Yan Ross, Director of Special Projects, ICFE

According to two recently-released reports, data breaches in 2016 increased significantly over the number reported for the previous year. The reports, from the Identity Theft Resource Center (ITRC) with support from CyberScout, and from Risk Based Security (RBS), were issued within days of each other in January 2017.
While both reports conclude an all-time high in the number of data breaches occurred in 2016, their specific counts vary substantially, as they are based on different criteria for inclusion. This divergence is principally due to differences in the fields of coverage: RBS surveyed reported data breaches in 102 countries, while the ITRC covered only the United States.
The RBS report indicates that some 4,149 data breaches reported during 2016 exposed over 4.2 billion records in the 102 countries surveyed. Notably, this figure equals more than half of the population of planet Earth, though in fairness it's likely that many individuals were affected by more than a single data breach.
The ITRC report shows an increase of 40% over 2015, or a total of 1093 data breaches. The actual number of records affected is not calculated in the ITRC report. As explained in that report, about half of the breached organizations did not furnish this information. Due to the more stringent HIPAA regulations, as compared to data breach notification laws of States, the numbers of records exposed in the breaches tends to be greater in the health care sector than other sectors.
One aspect of this continued growth in reported data breaches is reflected in the RBS comment that "…the rise of the mega breach trend continued as ninety-four (94) breaches in 2016 exposed one million or more records [each]."
On the other hand, the ITRC report includes this caveat: "This [increased number of reported breaches] raises the question: are there actually more breaches or is it because more states are making this information publicly available?"
Regardless of the answer, it's irrefutable that the incidence of data breaches and the aggregate number of individuals affected by data breaches from large and small organizations continues to grow.
From the perspective of the Institute of Consumer Financial Education, this troublesome trend suggests the necessity of increasing efforts to educate both individuals and organizations on managing the risk of identity theft. ICFE's educational program covers risk assessment, preventive measures, and the appropriate steps to take in the event of an identity theft incident.


The ICFE's Certified Identity Theft Risk Management Specialist® XV CITRMS® course is now available both in printed format and online.
The Textbook and Desk Reference edition of the course book is also available online. Bulk pricing and discounts for veterans and students available. Inquire at yan.ross@icfe.info
Yan Ross is ICFE's Director of Special Projects, and the author of the Certified Identity Theft Risk Management Specialist® XV CITRMS® course. As an accredited educator for over 20 years, he has addressed Identity Theft Risk Assessment and management for consumers, organizations holding personally identifiable information, and professionals who work with individuals and organizations who are at risk of falling victim to identity thieves.

ICFE eNEWS is available FREE upon request by visiting the ICFE's Web site and filling out the contact form, selecting "Yes" for "Add to Mailing List." Please pass this eNEWS on to your peers and interested others and invite them to subscribe for free. Also, visit the ICFE's new Web site: StudentDebtHelp.org

Sent by:

Paul S. Richard
President - Executive Director
Institute of Consumer Financial Education (ICFE)

ICFE - Institute of Consumer Financial Education - ICFE.info - 619.239.1401