A report by the company Risk Based Security revealed that data breaches have increased immensely in 2020.
Although fewer security breaches were disclosed publicly than the previous year, 2020 saw the numbers of compromised systems jumped by 141% to 37 billion, which is the largest number since 2005. Hence, it shows that not every organization chooses to publicly announce if their systems suffered a breach.
Moreover, disruptions with some governmental sources, delayed reporting, as well as declining news coverage, have led to fewer breaches reported in 2020. Besides, more sophisticated and damaging attacks needed complex investigations that can take a lot of time.
It would also seem that Ransomware could influences how and where data breaches are reported. Indeed, ransomware attacks rose exponentially in the past year, leading to double data breaches compared to 2019. Although 2020 saw much coverage of security breaches, these new tactics by Ransomware and others meant that less information about these events is being disclosed.
Data breach severity is measured on a scale of 0 to 10 based on how many records were stolen, how the breach occurred, the type of data exposed, and other factors. in 2020, the average severity reached a 5.71 score towards the end of the year.
Yet, this issue might not be widespread as it seems. Indeed, the report shows that among all the exposed records analyzed for 2020, 82%, came from only five data breaches, which were caused by misconfigured databases or services, and the data exposed included a variety of log files. Hence, this information would not very likely be used for malicious purposes.