So how’s 2014 going, you ask? Not well, not well…..
Risk Based Security and Open Security Foundation have released a report for Q1 of 2014. The first bullet gives a good indication of what kind of year 2014 is turning out to be:
There were 669 incidents reported during the first three months of 2014 exposing 176 million records.
Of especial interest to me were the statistics on entities suffering repeated breaches:
Just in the first quarter of 2014, 97 organizations were breached for the second, third, fourth and in one case the 52nd time over the last eight years. Nearly 15%, of the breaches disclosed in 1Q2014 represented a subsequent incident for the impacted organization. Three organizations reported multiple incidents during the first quarter of 2014.
Businesses, primarily financial institutions and data brokers, topped the list with 44 multiple incident organizations. The education sector, primarily universities, comes in second with 26 incidents followed by government (18) and medical (9).
You can access the full QuickView report here (pdf).