Data breaches on decline through first half of 2022

Ransomware showed a quarter-on-quarter decline for the first time since 2018, according to the Identity Theft Resource Center.

“We see the criminals continuing to shift their tactics resulting in the significant drop in the number of victims impacted,” Eva Velasquez, president and CEO of the ITRC, said in a release. “We also see a decrease in the number of publicly-reported data breaches and the number of data breaches linked to ransomware attacks.” (Credit: William Potter/Shutterstock.com)

Through the first half of 2022, the number of data breaches was down 4% compared with the same period the year prior, according to the Identity Theft Resource Center (ITRC). While on its face the decline is good news, it should be noted that 2021 set a record for the number of data breach events.

Although overall events have dropped in the first half, the ITRC reported a 2% increase in data breaches from Q1 to Q2 2022. While the situation is showing some improvement, cyber rates have continued to grow. MarketScout reported that cyber rates grew the fastest during the second quarter of 2022, increasing 21.3% compared with a 19.7% gain seen in the preceding quarter.

Additionally, for the first time since 2018 the number of ransomware attacks showed a quarter-on-quarter decline. Ransomware incidents declined around 20% in Q2, according to the ITRC, which attributed the drop to a combination of factors including the war in Ukraine and the collapse of cryptocurrencies favored by hackers.

Along with the falling number of incidents came a drop in the number of individuals impacted, as hackers focused more on businesses, government agencies and institutions.

“We see the criminals continuing to shift their tactics resulting in the significant drop in the number of victims impacted,” Eva Velasquez, president and CEO of the ITRC, said in a release. “We also see a decrease in the number of publicly-reported data breaches and the number of data breaches linked to ransomware attacks.”

She added that the recent declines could be a bit misleading, as around 40% of data breach notices issued during the first half didn’t include basic information such as attack vector. Further, 39% of breach notices didn’t include details on the number of victims.

“Also, these trends could quickly be reversed simply by a few large breaches or a handful of smaller compromises,” Velasquez said.

Related: