A decrease in data breaches? Can this be true? Well, it is, at least according to the latest ITRC data breach report released this week.

Wednesday, the Identity Theft Resource Center (ITRC) released its U.S. data breach findings for the first half (H1) of 2022. According to the H1 2022 ITRC Data Breach Report analysis, there were 817 publicly reported data compromises in the U.S. in the first half of 2022, a four (4) percent decrease compared to the same period in 2021. Other notable report highlights include:

• Approximately 87 percent of the data compromises in H1 2022 were due to a cyberattack.
• The number of victims impacted by data compromises continued to drop (down 45 percent from H1 2021) as data compromises shifted to attacks targeting businesses, government agencies, and institutions. Or did they?* 😉
• Ransomware attacks declined quarter-over-quarter for the first time since ransomware surpassed malware as the number two primary cause of data breaches in 2019. Phishing remained the number one root cause of data compromises in H1.
• Security researchers believe that the decline in ransomware attacks is due to a combination of factors, including the ongoing conflict in Ukraine and the collapse of cryptocurrencies favored by cybercriminals.
• Nearly 40 percent of data breach notices issued in H1 2022 did not include the root cause of the compromise, making “unknown” the top cause of data breaches so far this year for the first time since the ITRC began tracking the cause of data compromises.

ITRC does note that an average of 39 percent of all data breach notices issued in H1 2022 did not list a victim count. So, the number of victims may not have dropped near as much as indicated, if at all.

It should also be noted that, aside from last year’s record year (by far) in reported compromises, the H1 2022 is running at a pace to surpass all other years since 2016.

The seven-page ITRC Data Breach Report, available for download here, is a very succinct, easy-to-read compilation of H1 2022 cyber stats. Check it out!

So, what do you think? Are you surprised that the ITRC Data Breach Report shows that compromises and victims decreased? Please share any comments you might have or if you’d like to know more about a particular topic.

* – This line is more dramatic if you imagine Keith Morrison saying it. 🙂

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.