New data shows that cyber attacks have resulted in double the number of data breaches in 2024 than throughout all of 2023.
After a data breach, there are two common impacts– an organization with disrupted operations and customer victims. We tend to focus only on the duration it takes for an organization to regain normal operations, but the total number of victims from a data breach can take years to tally.
According to the Identity Theft Research Center’s latest data breach analysis covering the first half of 2024, the world saw 1.078 billion victims of data breaches in just 1571 compromises. In comparison, in all of 2023, there were 3203 compromises resulting in 418 million victims. If 2024 were to continue at the same pace (which is unlikely), it would result in a 5x victim count over last year.
By compromise count, financial services, healthcare, professional services, and manufacturing were hit hardest – all nearly identical to last year.
What’s really surprising is the lack of attack details being reported. In this year’s report, there are almost 20% more cyber attacks reported, and yet initial attack vector attribution is down across the board – phishing, ransomware, malware, credential stuffing, and more. Seemingly in response, the “not specified” attack vector jumped from 515 in 2023 to 839 in 2024 – demonstrating that organizations that are reporting data breaches aren’t being forthcoming about attack specifics.
This last part is rather concerning, as sharing details about successful attacks helps improve overall cyber defenses – the more we collectively know about cyber attack actions, the faster and more effective our efforts to stop similar attacks.
Phishing continues to lead the charge as the top initial attack vector, stressing the need for security awareness training in organizations to raise awareness when interacting with email and the web.
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.