The Identity Theft Resource Center just released its 2023 Annual Data Breach Report, showing a 72% rise in compromises over the previous high in 2021.
The number of victims impacted (353,027,892) decreased by 16 percentage points from 2022 (425,212,090), following the trend for identity criminals to focus on specific information and identity-related fraud and scams vs. mass attacks.
Highlights include:
-
- Data breach notices without specific information nearly doubled year-over-year
- Since 2018, the percentage of notices with actionable information dropped from 100% to 54%
- Nearly 11% of all publicly traded companies were compromised in 2023.
- Publicly traded companies withheld information about an attack in 47% of notices
- Healthcare, Financial Services, and Transportation compromises more than doubled
- Healthcare led all industries in reported compromises; utility companies led in victims
- Most data compromises were due to cyberattacks
- Phishing and ransomware attacks were down slightly, while Zero Day attacks jumped significantly compared to previous years
- Supply chain attacks continue to impact more organizations and victims. Organizations impacted surged more than 2,600 percentage points since 2018, with victims rising 1,400 percentage points
The ITRC also introduced a new Breach Alert for Business (BA4B) service to help organizations verify vendors are meeting or exceeding a company’s cybersecurity policies and performance.
