According to data analysed by the Atlas VPN team based on the 2020 Year End Data Breach QuickView Report by Risk Based Security, the number of leaked data records worldwide hit a whopping 37 billion in 2020. It is a 140% increase from 15 billion records in 2019.
The majority — 82% or over 30 billion of data records — were compromised in only five major breach incidents. All of them were a result of misconfigured databases or services.
The most commonly exposed type of data were names, leaked in 46% of data breaches last year. Following names are email addresses, which were compromised in 32% of incidents.
While leaked records reached never-before-seen highs in 2020, the number of actual data breaches shrank by 48%. It went down from 7,553 breaches in 2019 to 3,932 in 2020.
In total, 77% of data breaches last year were caused by outside actors, 16% by insider threats, while the rest is unknown. What is more, 676 breaches last year included ransomware as an attack element — a 100% rise compared to 2019.
Nevertheless, we are yet to see the real number of cyber breaches that took place last year, as it is likely that many incidents went unreported.
Healthcare sector suffers the most
Last year was certainly hard on the healthcare industry, which dealt with more data breaches than any other sector. In 2020, the healthcare industry faced 484 hacks, which account for 12% of all last year’s breaches.
However, the number of breaches affecting the healthcare industry actually dropped by 5% compared to 2019, when 512 hacks took place.
The information sector was also highly targeted. It suffered 429 hacks, which made up 11% of data breaches last year. The number of hacks affecting the information industry plummeted by 30% compared to 2019, when 614 data breaches were registered.
Rounding out the top three industries in terms of data breaches last year is the finance and insurance sector. In 2020, the industry faced 382 hacks — 10% of last year’s breaches. It is a 12% decrease from 435 breaches that affected the finance and insurance industry in 2019.
In total, 2,340 or 60% of breaches were reported within the US. While this may be due to the fact that there is more transparency regarding public data breach reporting in the US, it is also true that with many major global companies residing in the country, it is an attractive target to cybercriminals.
2020 in review
All in all, the year 2020 taught us that it is hard to predict what the future holds for cybersecurity. In a single year, breached data files more than doubled, reaching record-high numbers, as did the number of hacks that included a ransomware component.
However, there were fewer actual data breaches reported. It suggests that data breaches are growing in severity, with fewer incidents exposing more personal information than ever before.