The number of data breaches publicly reported so far this year has already exceeded the total for 2020, putting 2021 on track for a record year, according to the Identity Theft Resource Center (ITRC).
The non-profit’s figures for Q3 breach volumes came in at 446 incidents. Although this is lower than the 491 breaches reported in the second quarter, the total for the year-to-date is now 1291, versus 1108 in 2020.
The all-time high of 1529 breaches was set in 2017, but with phishing and ransomware leading the way in driving volumes up this year, it’s predicted that 2021 could exceed that figure.
Eva Velasquez, president and CEO of the ITRC, said 2021 is just 238 breaches away from tying the all-time record for a single year.
“It’s also interesting to note that the 1,111 data breaches from cyber-attacks so far this year exceeds the total number of data compromises from all causes in 2020,” she added.
“Everyone needs to continue to practice good cyber-hygiene to protect themselves and their loved ones as these crimes continue to increase.”
The ITRC’s figures comprise not only traditional breaches where malicious third parties steal data from organizations, but also cases of cloud misconfigurations that lead to data leaking into the public domain.
Cases of the former in the year-to-date rose 27% versus the whole of 2020.
Cloud leaks often affect large numbers of users, even if the data does not ultimately end up in the wrong hands. To that end, the number of data compromise victims in Q3 (160 million) is higher than Q1 and Q2 2021 combined (121 million). However, that figure is mainly due to unsecured cloud databases, ITRC said.
Interestingly, there have been no reported breaches this year associated with payment skimming campaigns, often dubbed "Magecart."