Data breaches reached an all-time high in 2021 while the number of data events that involved sensitive information increased slightly compared to 2020, a new report has shown.
According to the Identity Theft Resource Center (ITRC), a US-based nonprofit organisation, the overall number of data compromises (1,862) is up more than 68 percent compared to 2020.
"The new record number of data compromises is 23 percent over the previous all-time high (1,506) set in 2017. The number of data events that involved sensitive information increased slightly compared to 2020 (83 percent vs. 80 percent). However, it remained well below the previous high of 95 percent set in 2017," according to its 'Annual Data Breach Report'.
"In 2021, we saw a shift in the identity crime space. Too many people found themselves in between criminals and organisations that hold consumer information. We may look back at 2021 as the year when we moved from the era of identity theft to identity fraud," said Eva Velasquez, President and CEO of the Identity Theft Resource Center.
The number of breaches in 2021 was alarming. Many of the cyberattacks committed were highly sophisticated and complex, requiring aggressive defences to prevent them.
"If those defences failed, too often we saw an inadequate level of transparency for consumers to protect themselves from identity fraud," Velasquez added.
The number of victims continues to decrease (down 5 per cent in 2021 compared to the previous year) as identity criminals focus more on specific data types rather than mass data acquisition.
However, the number of consumers whose data was compromised multiple times per year remains alarmingly high, said the report.
"Ransomware-related data breaches have doubled in each of the past two years. At the current rate, ransomware attacks will surpass phishing as the number one root cause of data compromises in 2022," the findings showed.
There were more cyberattack-related data compromises (1,603) in 2021 than all data compromises in 2020 (1,108).
The number of data breach notices that do not reveal the root cause of a compromise (607) has grown by more than 190 percent since 2020.
"There is no reason to believe the level of data compromises will suddenly decline in 2022. As organisations of all sizes struggle to defend the data they hold, it is essential that everyone practice good cyber-hygiene to protect themselves and their loved ones from these crimes," Velasquez noted.