The ITRC has released its 2023 Annual Data Breach Report, which shows a record number of compromises, 72 percent over the previous high!
According to the 2023 Annual Data Breach Report from the Identity Theft Resource Center (ITRC) (available for download here), the number of data compromises in 2023 (3,205) increased by 78 percentage points compared to 2022 (1,801). The ITRC set a new record number of data compromises tracked in a year, up 72 percentage points from the previous all-time high in 2021 (1,860).
One bit of good news: The number of victims impacted (353,027,892) decreased by 16 percentage points from 2022 (425,212,090). This is consistent with a general trend of the number of estimated victims dropping slightly each year due to organized identity criminals focusing on specific information and identity-related fraud and scams rather than mass attacks.
According to the report, the number of data breach notices without specific information nearly doubled year-over-year. In 2023, more than 1,400 public breach notices did not contain information about an attack vector compared to 716 in 2022. Since 2018, the percentage of notices with actionable information has dropped from ~100 percent to 54 percent.
Other findings in the 2023 Annual Data Breach Report include:
- Nearly 11 percent of all publicly traded companies were compromised in 2023.
- Publicly traded companies withheld information about an attack in 47 percent of notices compared to 46 percent of other organizations.
- While most industries saw modest increases, Healthcare, Financial Services and Transportation reported more than double the number of compromises compared to 2022. While Healthcare led all industries in terms of the number of reported compromises in each of the past five years, Utilities companies led in the estimated number of victims in 2023.
- Most data compromises were due to cyberattacks. Phishing-related and ransomware attacks were down slightly, while Zero Day attacks jumped significantly compared to previous years.
- Supply chain attacks continue to impact more organizations and victims. The number of organizations impacted has surged by more than 2,600 percentage points since 2018. The estimated number of victims has also risen 1,400 percentage points.
The 41-page PDF 2023 Annual Data Breach Report is chock-full of graphics, statistics, term definitions and more which makes it a very easy read. Check it out here!
So, what do you think? Are you surprised that ITRC is reporting a record number of compromises, 72 percent over the previous high? Please share any comments you might have or if you’d like to know more about a particular topic.
Image created using GPT-4’s Image Creator Powered by DALL-E, using the term “robots finding out their data has been breached”.
Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.