Cyber Update: Data Breaches With Unreported Root Causes Continued Upward Climb

data breach root causes

While 2023 started with fewer publicly reported data breaches, an increasing number of breached organizations failed to share detailed information about their data breach root causes of events, according to the Identity Theft Resource Center’s (ITRC) latest data breach analysis.

The first quarter saw 445 publicly reported U.S. data compromises, a decrease from the 512 from the fourth quarter last year but up from the 202 reported in the first quarter of 2022. Of those breaches, 187 contained no actionable information about the root cause of the compromise, up from 155 in the first quarter of 2022 and just five in the first three months of 2021.

Six of the top 10 compromises in the first quarter did not include information about the root cause of the event, compared to four of the top 10 in the final three months of 2022.

A total of 378 breaches in the first quarter were attributed to cyberattacks, up from 366 year-over-year. Phishing was the most common attack vector that led to a data breach at 106. Breaches resulting from ransomware fell to 54 from 71 in the first quarter of 2022, and were even down relative to the 62 incidents reported in the first quarter of 2021.

Data compromises impacted more than 89 million people in the first quarter. Most people (84 million) fell victim to compromises in the manufacturing and utilities, technology, health care, and transportation sectors. Eight of the top 10 compromises affected more than 1 million people.

The healthcare industry reported the most data compromises among the top 10 for the third consecutive quarter. The top compromise in the quarter came from T-Mobile, which affected 37 million people.

See also  Massive Strike Brings Germany’s Transport Industry to Near Standstill

Breaches resulting from human error grew year-over-year to 58 from 33. The seven reported breaches due to physical attacks in the first quarter (up from three year-over-year) all resulted from device theft.

We can help.

In addition to identifying data breach root causes, you must have the right insurance protection in place to help you recover.

If you’d like additional information and resources, we’re here to help you analyze your needs and make the right coverage decisions to protect your operations from unnecessary risk. You can download a free copy of our eBook, or if you’re ready make Cyber Liability Insurance a part of your insurance portfolio, Request a Proposal or download and get started on our Cyber & Data Breach Insurance Application and we’ll get to work for you.