Risk Based Security releases its Year-End 2020 Data Breach Report

Jan. 25, 2021
Data breaches in 2020 decreased by 48% but the number of records exposed has exceeded 37 billion

RICHMOND, VA, January 21, 2020 — Risk Based Security recently released their 2020 Year End Data Breach QuickView Report, revealing that there were 3,932 publicly reported data breaches, compromising over 37 billion records.

Compared to 2019, the number of publicly reported breach events decreased by 48%. However, the total number of records compromised increased by 141% and is by far the most records exposed in a single year since RBS reporting began in 2005.

“2020 has challenged the security-minded community quite unlike any other, and the number of records exposed highlights how unique the year has been,” commented Inga Goddijn, Executive Vice President at Risk Based Security. “We do not believe fewer breaches are happening. Disruptions at certain governmental sources, delayed reporting, and declining news coverage have all contributed to fewer breaches coming to light in 2020, but that is only a part of the story. More complex and damaging attacks have also contributed to lengthy and complex investigations.”

“The rise of ransomware coupled with the particularly pernicious practice of leaking data stolen during the attack has been a leading theme of the year,” commented Inga Goddijn, Executive Vice President at Risk Based Security. “There were few signs that ransomware would explode into a preferred method for monetizing attacks and while the coverage of breach events has picked up once again, the changing tactics mean less information about events is being disclosed. It is anyone’s guess where 2021 might take us.”

The 2020 Year End Data Breach QuickView Report covers data breaches publicly disclosed between January 1, 2020, and December 31, 2020.

Here are some highlights:

  • There were 3,932 publicly reported breach events at the time of this report, a 48% decline compared to 2019. As the year matures, and 2020 breaches continue to be disclosed into 2021, it is typical for the number of reported breaches to grow by 5% to 10%. In “normal” times that would place 2020 on par with 2015 and 2016 breach years.
  • Despite 1,923 breaches (49%) without a confirmed number of records exposed, the total number of records compromised in 2020 exceeded 37 billion, a 141% increase compared to 2019 and by far the most records exposed in a single year since we have been reporting on data breach activity.
  • There were 676 breaches that included ransomware as an element of the attack, a 100% increase compared to 2019.
  • Breach severity, as measured by severity score, steadily increased throughout the year, reaching an average of 5.71 in Q4 compared to 4.75 in Q1. Severity score is a base 10 logarithmic scale, meaning that the severity of breach events increased by a factor of 10 over the course of the year.
  • Five breaches each exposed one billion or more records and another 18 breaches exposed between 100 million and 1 billion records.
  • Healthcare was the most victimized sector this year, accounting for 12.3% of reported breaches.

About Risk Based Security

Risk Based Security (RBS) provides detailed information and analysis on Data Breaches, Vendor Risk Ratings and Vulnerability Intelligence. Our products, Cyber Risk Analytics (CRA) and VulnDB, provide organizations access to the most comprehensive threat intelligence knowledge bases available, including advanced search capabilities, access to raw data via API, and email alerting to assist organizations in taking the right actions in a timely manner. In addition, our YourCISO offering provides organizations with on-demand access to high-quality security and information risk management resources in one easy-to-use web portal.

Cyber Risk Analytics (CRA) provides actionable threat intelligence about organizations that have had a data breach or leaked credentials. This enables organizations to reduce exposure to the threats most likely to impact them and their vendor base. In addition, our PreBreach vendor risk rating, the result of a deep view into the metrics driving cyber exposures, is used to better understand the digital hygiene of an organization and the likelihood of a future data breach. The integration of PreBreach ratings into security processes, vendor management programs, cyber insurance processes and risk management tools allows organizations to avoid costly risk assessments, while enabling businesses to understand their risk posture and act quickly and appropriately to proactively protect their most critical information assets.