US data compromises surged to record high in 2023

Data compromises were more abundant and organizations were less forthright about the root cause of cyberattacks throughout 2023, according to the Identity Theft Resource Center’s annual data breach report. The number of data compromises reported in the U.S. last year jumped 78% to a record high of 3,205 incidents, the non-profit organization said Thursday. These compromises ultimately impacted more than 353 million victims, including individuals affected multiple times.

Specific details about the attack vector were missing from 44% of all data breach disclosures last year. This underscores a trend toward opaque breach notices, ITRC said. The percentage of disclosures without this critical information grew from a ratio of 40% in 2022. Federal cyber authorities and researchers conduct root-cause analysis and share indicators of compromise to help organizations to hunt for malicious activity and bolster defenses against specific threats. The FBI and Cybersecurity and Infrastructure Security Agency consistently encourage victim organizations to share more information, as a lack of reporting hinders law enforcement’s ability to take action.

Cybersecurity Dive 01/25/2024