The Institute for Data Research and Protection (IDRP) has reported a rise in the number of data breaches, although there are fewer victims affected by these compromises. According to the IDRP, the number of data breaches increased, but the number of victims decreased to 353,027,892 in 2023, which is a 16% decline from 425,212,090 in the previous year. This downward trend in the number of victims has been consistent over the years, with an 84% decrease since 2018, which was the high point for victim count.
Lee, a spokesperson for the IDRP, attributes this decline in the number of victims to the changing tactics of identity thieves. He stated, “Identity thieves have changed their tactics. They’re more targeted, both in what they’re attacking and the information that they’re seeking.” This sentiment is echoed by Bach, who mentioned that today’s attackers are more precise in targeting the right systems, leading to fewer collateral damage and a decrease in the number of affected individuals.
Moreover, the breaches that are being reported have a more direct impact on organizations rather than individuals. According to Luciano Allegro, co-founder and CMO of BforeAi, a threat intelligence company, many companies have prioritized data privacy efforts due to GDPR and CCPA but have overlooked the overall protection of their infrastructure.
In addition to the rise in data breaches, the IDRP also highlighted an increase in supply-chain and zero-day attacks. The report stated that nearly 11% of all publicly traded companies were compromised in 2023, with healthcare, financial services, and transportation sectors experiencing more than double the number of compromises compared to the previous year. Looking ahead, Lee expects the trend of increasing breach numbers to continue, especially with the rise in supply-chain and zero-day attacks. He expressed, “I don’t see any reason for it to go down. With the increase in supply-chain and zero-day attacks, I believe we’re going to see another year of increases.”
According to security experts, the increasing complexity of modern software supply chains makes it challenging to identify and address potential security flaws, rendering comprehensive vetting of these systems difficult. This complexity contributes to the ability of attackers to hide security flaws, making it more challenging for organizations to mitigate the risks posed by such vulnerabilities.
It is anticipated that organizations will need to enhance their cybersecurity measures to protect against the evolving tactics of cybercriminals. With the continued rise in data breaches and more targeted attacks, companies will have to focus on fortifying their defenses and ensuring the security of their supply chains to safeguard against potential threats. As technology continues to advance, it is essential for organizations to remain vigilant and proactive in addressing the evolving landscape of cybersecurity risks.