The number of reported data breaches jumped 68 percent last year to the highest total ever, a new report says.
According to the Identity Theft Resource Center’s 2021 Data Breach Report, there were 1,862 data breaches last year, surpassing both 2020’s total of 1,108 and the previous record of 1,506 set in 2017.
The numbers reflect a year of high-profile cyberattacks that targeted everything from the country’s largest oil pipelines to companies entrusted with the personal information of millions of American consumers.
Eva Velasquez, ITRC’s president and CEO, called the number of breaches “alarming.”
“There is no reason to believe the level of data compromises will suddenly decline in 2022,” Velasquez said in a statement. “As organizations of all sizes struggle to defend the data they hold, it is essential that everyone practice good cyber hygiene to protect themselves and their loved ones from these crimes.”
The percentage of breaches that involved sensitive information, such as Social Security numbers, rose slightly to 83 percent from 80 percent the year before, but remained significantly below 2017’s record of 95 percent.
On the upside, the number of people affected by the data breaches edged down about 5 percent last year to 294 million. But ITRC attributed the decline to a shift in the focus of cybercriminals toward smaller, more focused attacks, rather than massive data theft.
The center also noted that attacks involving ransomware have doubled in each of the past two years, representing 22 percent of the total number of reported cyberattacks in 2021. At this rate of growth, ITRC said ransomware will surpass phishing as the top cause of data breaches this year.
By sector, the number of breaches increased in all areas, with the exception of the military, which reported no data breaches last year. The biggest increase was in manufacturing and utilities, where the number of breaches more than doubled.