Do you often find yourself wishing for an easy way to compare the latest and greatest data breaches? Perhaps something color coded, with filters for organization type, breach source, and data sensitivity? Do you find yourself staying up at night, unable to sleep due to an aching desire for a simple, effective and beautiful visualization of the impact of data breaches?
If you answered yes to any of the questions above, I’ve got great news.
Your dreams are now a reality, thanks to the good folks at Information is Beautiful, a data-driven journalism site, and pet project of London-based author, designer and former Wired contributor David McCandless.
The site, which is “dedicated to turning the world’s data information and knowledge into beautiful, interesting, and above all, useful visualizations, infographics, and diagrams,” has done just that with 10 years worth of data on data breaches that affected over 30,000 records.
[From Authentify to RSA, Solutions Review rounds up the top 24 Identity and Access Management solutions in the 2015 IAM Solutions Buyer’s Guide. Download your free copy today!]
The visualization, available here, takes the form of a bubble chart, which tracks data breaches from 2004 to 2015, and allows the user to filter those breaches by the number of records compromised, data sensitivity of compromised records, the type of organization breached, and the method of the breach. Each color-coded bubble also functions as a link to an article (from an outside source) that explains in detail the breach in question.
I scanned the chart and pulled some key takeaways from the past year of data breaches:
Despite the fever pitch surrounding the recent hack of the Office of Personnel Management, government organizations did not suffer the most high-profile data breaches in the past year. Of the 13 categories of organizations represented in the chart (academic, energy, financial, gaming, government, healthcare, media, military, retail, tech, telecom, transport, and web) finance and healthcare suffered the most frequent high-profile breaches, with four each in the past year.
Ebay breach compromised the most records
The Early 2014 breach of e-marketplace Ebay’s security system compromised over 145 million customers’ personal information. Login credentials, names, physical addresses, dates of birth, and phone numbers were all potentially compromised in the attack, which lasted from late February to early March of 2015.
Korean Credit Bureau breach was the most impactful.
The most impactful breach in recent years occurred when an employee of the South Korean Credit Bureau pulled off one of the largest cases of identity theft in world history.
The worker secretly copied data from multiple databases over the course of a year and a half and eventually walked away with over 20 million identities— that’s 40% of South Korea’s population. The thief made off with social security numbers, phone numbers, credit card numbers, names, and physical addresses.
– The advantages and risks of High-Privilege Access
– Assuring confidence and security compliance
– Better security through Privileged Identity Management
Most breaches are caused by outside attacks and hackings
The vast majority of the data breaches included in the chart were caused by attacks from outside the target organization’s network, though there are some notable exceptions, such as the insider attack on the Korean Credit Bureau discussed above.
- 17 Cybersecurity Podcasts You Should Listen to in 2020 - January 3, 2019
- What’s Changed: Gartner 2017 Magic Quadrant for Identity Governance and Administration (IGA) - January 28, 2018
- Crossmatch Integrates Keyboard Capture to Identity Management Software - November 27, 2017