page contents

The numbers are in! The Identity Theft Resource Center (ITRC) has captured 116 total data breaches in January 2018 in the 2018 ITRC Breach Report. The numbers are down a very small amount from January 2017. Educational and Medical industry breaches are down. But, the number of data breaches in the Business, Government, and Financial Services industries have all increased.

The number of records exposed in January 2018 is 3,158,441.  As you can see in the Data Breach Stat Report, most breaches do not know the number of records that were exposed.

Please note, these are published breaches. The ITRC Breach database is updated on a daily basis. Unless noted otherwise, each report includes U.S. breaches that occurred in the year of the report name (such as “2018 Breach List”), or became public in the report name year, but was not public in the previous year.  Each item must be previously published by a credible source, such as Attorney General’s website, TV, radio, press, etc. The item will not be included at all if ITRC is not certain that the source is real and credible.

What is a breach? 

The ITRC defines a data breach as an incident in which an individual name plus a Social Security number, drivers license number, medical record or financial record (including credit/debit cards) is potentially put at risk because of an exposure.

Breach Categories

Banking/Credit/Financial 
# of Breaches: 7
# of Records: 119,279
% of Breaches: 6.0%
%of Records: 3.8%

Business
# of Breaches: 62
# of Records: 2,024,319
% of Breaches: 53.4
%of Records: 64.1%

Educational
# of Breaches: 7
# of Records: 282,463
% of Breaches: 6.0%
%of Records: 8.9%

Government/Military
# of Breaches: 9
# of Records: 499,791
% of Breaches: 7.8%
%of Records: 15.8%

Medical/Healthcare
# of Breaches: 31
# of Records: 232,589
% of Breaches: 26.7
%of Records: 7.4%

Totals for All Categories:
# of Breaches: 116
# of Records: 3,158,441
2018 Breaches Identified by the ITRC as of 1/31/2018

The Threat of Hacking continues

Hacking attacks continue to be the most common type of attack at nearly 30 percent of the total number of breaches. Of these, 10.3 percent involved ransomware/malware and 8.6 percent employed phishing tactics. Breaches identifying unauthorized access to the method of attack represent more than 23 percent of the overall number of breaches so far this year. The number of notification letters received by various Attorneys General offices identifying unauthorized access has jumped considerably over last year.

Protect your data

The time is now to begin a proactive approach to cyber risk management. Here are the steps we recommend:

1. Find out where your security gaps are.
2. Improve and harden your organization’s security program.
3. Strengthen your human firewall.
4. Monitor your security infrastructure.
5. Make sure data is accessible no matter what.

Don't Be A Number.