2016 saw a huge increase in data breaches, which increased by 86 per cent compared to 2015, according to data from digital security company Gemalto. The firm announced these findings based on data from its Breach Level Index, a global database that tracks and measures the severity of data breaches, which shows that 1,792 data breaches led to almost 1.4 billion data records being compromised worldwide during 2016.

4 major cybercrime trends

Identity theft is the most prevalent type of data breach, followed by account access breaches. In addition, 52 per cent of the data breaches in 2016 did not disclose the number of compromised records at the time they were reported. The index scores data breaches on a scale from 1-10, ranging from not serious to truly impactful. The database's figures suggest that data breaches affect more than 3 million records daily or about 44 records per second. Notable attacks on corporate data records in 2016 include those on AdultFriend Finder, Fling, Philippines' Commission on Elections, 17 Media and Dailymotion.

Gemalto believes the figures highlight four major cybercrime trends:

1. hackers are casting a wider net;
2. they are using easily-attainable account and identity information as a starting point for high value targets;
3. fraudsters are shifting from attacks targeted at financial organisations to infiltrating large data bases, such as those of entertainment and social media sites; and
4. fraudsters have been using encryption to make breached data unreadable, then hold it for ransom and decrypting once they are paid.

More encryption needed

Gemalto highlights that only 6 per cent of the 1.4 billion records compromised in 2016 had been partially or fully encrypted – which is an increase from 2 per cent in 2015. The firm states: “Knowing exactly where their data resides and who has access to it will help enterprises outline security strategies based on data categories that make the most sense for their organizations. Encryption and authentication are no longer 'best practices' but necessities. This is especially true with new and updated government mandates like the upcoming General Data Protection Regulation (GDPR) in Europe, US state-based and APAC country-based breach disclosure laws. But it's also about protecting your business' data integrity, so the right decisions can be made based on accurate information, therefore protecting your reputation and your profits.”