Ransomware attacks continued to increase during the first half of 2017, up 50 percent over the first half of 2016, but accidental breaches remain an enormous factor, according to a new report from Beazely. The cyber and data breach insurance company, which has collected data on cyber breaches since 2014, found that the number of breaches continue to increase, suggesting companies aren’t adapting their security measures to properly protect data.
Accidental breaches caused by employee error or issues occurring while data is controlled by third-party suppliers accounted for 30 percent of overall breaches, while those those resulting from hacking and malware attacks make up 32 percent of all breaches.
Various business sectors were prone to different types of breaches. For example, higher education saw one-quarter of cyber breaches occur due to unintended data disclosures, while nearly half of the breaches in the data systems of higher education institutions were from hacking and malware.
Professional service firms had the lowest rate of unintended breaches, at 14 percent. But while this relatively low rate might suggest these firms have more security in place, the percentage has risen from 9 percent in 2016.
Two of the most sensitive types of data, financial and health care, also suffered some of the highest rates of employee-caused breaches. Nearly one-third of data breaches at financial institutions were the result of unintended disclosure — sending bank account details or personal information to the wrong recipient. This type of error became more common in the financial services industry over the last few years, even as instances of hacks and malware dropped.
Unintended disclosure also accounted for the majority of losses in the health care sector, accounting for 42 percent of data security breaches for the second straight year.
The study’s data comes from a Beazley survey of more than 1,300 data breaches at companies in a variety of sectors in the first six months of 2017.