Nearly 1,800 security breaches worldwide exposed 1.4 billion data records last year, an 86 percent increase over 2015, according to Gemalto’s 2016 Breach Level Index. The Dutch digital security firm has tracked data breaches in its report since 2013 and has seen both the type of information being stolen and the type of company being attacked evolve. The trends are not positive for merchants in the space and indicate that fraud attacks will continue to increase at the account level rather than the transaction level (although plenty of fraudsters will continue to leverage stolen data during transactions, as well).
“The Breach Level Index highlights four major cybercriminal trends over the past year. Hackers are casting a wider net and are using easily attainable account and identity information as a starting point for high value targets,” said Jason Hart, vice president and CTO for data protection at Gemalto. “Clearly, fraudsters are also shifting from attacks targeted at financial organizations to infiltrating large data bases such as entertainment and social media sites. Lastly, fraudsters have been using encryption to make breached data unreadable, then hold it for ransom and decrypting once they are paid.”
Identity theft accounted for 59 percent of all data breaches last year, according to the Gemalto report, while account-access-based breaches made up 54 percent of all breached records, which is an increase of 336 percent from the previous year. The increase will continue to fuel account takeover and account creation fraud, which are significant problems for banks and merchants alike.
- Identifying and Preventing ATOs and New Account Creation Fraud
- PCI and CNP: How to Spell Security