The ITRC has released its Q1 2024 Data Breach Analysis, which shows 90 percent more compromises than Q1 2023!

Yesterday, the Identity Theft Resource Center (ITRC) released its U.S. data breach findings for the first quarter of 2024. According to the Q1 2024 Data Breach Analysis (available here), there were 841 publicly reported data compromises in the quarter, 90 percent more compromises than Q1 2023 (442 compromises).

The good news is that the number of victims in Q1 2024 (28,596,892) decreased 72 percent compared to Q1 2023 (100,686,535) and 81 percent from the previous quarter (152,679,771). While that’s good news for the victims, the organizations experiencing a data compromise still have to go through incident response cycles to identify and notify those victims. More compromises means more incident response exercises, regardless of the number of victims.

Other findings in the Q1 2024 Data Breach Analysis Include:

• The number of organizations impacted by supply chain attacks more than tripled in Q1 2024 compared to the same period in 2023. Fifty (50) new attacks impacted 243 organizations and ~7.5 million victims compared to 73 entities and ~11.4 million victims in Q1 2023.
• Data breach notices from Financial Services tripled year-over-year (224 notices in Q1 2024 compared to 70 in Q1 2023). Attacks against Professional Services (100 notices) more than doubled, becoming the third industry to publish more triple-digit notices in the Quarter.

The 7-page PDF Q1 2024 Data Breach Analysis provides these and a lot more key cyber-stats. Check it out here!

So, what do you think? Are you surprised that ITRC is reporting 90 percent more compromises in Q1 2024 than Q1 2023? Please share any comments you might have or if you’d like to know more about a particular topic.

Image created using GPT-4’s Image Creator Powered by DALL-E, using the term “robots finding out their data has been breached”.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.