Social Security Numbers Most Targeted Sensitive Data
Social Security Numbers (SSN) are the type of sensitive data most commonly targeted in data breaches in the United States, according to new research published today by Spirion.
Analysis conducted against the Identity Theft Resource Center (ITRC) database of publicly reported data breaches in the United States revealed that 65% of all sensitive data incidents in 2021 involved SSN.
The finding was included in the data protection and privacy company’s Definitive Guide to Sensitive Data Breaches: America’s Top Leaks, Attacks and Insider Hacks. Spirion’s guide is based on the analysis of more than 1,500 data breaches involving sensitive data in the United States last year.
A total of 1,862 data compromises were reported by US organizations last year, representing a 68% increase over 2020 and making 2021 steal 2017’s title of the most prolific year on record for data breaches. ITRC data showed that 83% of the year’s incidents impacted more than 150 million individuals by exposing 889 million sensitive data records.
Personal Health Information (PHI) was the second most targeted form of sensitive data and was the focus of 41% of data incidents. The third most predated forms of sensitive data were bank account information and driver’s licenses, which were each involved in 23% of incidents.
The majority of individuals affected by sensitive data breaches in 2021 (84%) were victims of incidents in the professional and business services, telecommunications and healthcare industries. The 157 reported data breaches in the professional and business services sector impacted 52 million individuals (or 35% of total individuals). Just eight incidents in the telecommunications industry impacted 47.8 million individuals (or 32% of total individuals).
Trends identified in the guide included the emergence of supply chain and third-party attacks as a leading contributor to sensitive data compromises.
“A total of 93 third-party attacks impacted 559 organizations, exposing more than 1.1 billion data records,” said a Spirion spokesperson.
“Of these incidents, 83% contained sensitive data, revealing PII [personally identifiable information] for 7.2 million people.”
Another trend was experiencing multiple data breaches in one year – a fate suffered by more than two dozen US organizations in 2021.
More Stories
Data Breaches in US Schools Exposed 37.6M Records
Comparitech said 2023 was a record year for breaches with 954 reported, up from 139 in 2022 and 783 in...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m giving a webinar via Zoom...
Ebury Botnet Operators Diversify with Financial and Crypto Theft
The 15-year-old Ebury botnet is more active than ever, as ESET found 400,000 Linux servers compromised for cryptocurrency theft and...
CISA and Partners Unveil Cybersecurity Guide For Civil Society Groups
The guide is designed to provide high-risk communities with actionable steps to bolster their cybersecurity defenses Read More
How Scammers Hijack Your Instagram
Authored by Vignesh Dhatchanamoorthy, Rachana S Instagram, with its vast user base and dynamic platform, has become a hotbed for...
NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stalled
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US National Vulnerability Database...