ForgeRock has released its latest Consumer Identity Breach Report, which found that data breaches cost U.S. organizations more than $1.2 trillion in 2019 alone. That number is considerably larger than the comparable 2018 figure of $654 billion.
The story is similar with regards to the total number of breaches. ForgeRock found that more than 5 billion individual records were exposed in 2019, which is nearly double the 2.8 billion records that were exposed in 2018. Taken together, U.S. organizations have lost more than 7.8 billion records and $1.8 trillion in the past two years.
Cybercriminals almost always went after Personally Identifiable Information (including birth dates and Social Security Numbers) during their attacks. 40 percent of all data breaches occurred when hackers were able to gain unauthorized access to an account, though malware (15 percent) and phishing (14 percent) were also common methods of attack. The healthcare industry suffered the most data breaches with 382 individual incidents, though tech lost more individual records after 1.37 billion accounts were exposed.
ForgeRock attributes the skyrocketing numbers to the use of poor identity and access management solutions. The company argues that organizations should update their identity practices, especially since the number of records exposed in 2020 is on pace to eclipse the total for 2019, based on the data for the first quarter of the year.
“The Report’s findings demonstrate that enterprises need to increase their identity and access management maturity,” said ForgeRock CTO Eve Maler. “The secret is democratizing data control so organizations can allow known users to hop onto authentication ‘express lanes’ for a great experience, entrusting them with convenient consent options, and make bad actors jump through extra hoops to help prevent fraud.”
ForgeRock is not the only company urging organizations to update their digital identity protocols to combat high rates of data breaches. Jumio and FaceTec advocated for biometric authentication in a white paper dedicated to the subject, while Gemalto has noted that the overall number of data breaches has remained relatively consistent.
June 8, 2020 – by Eric Weiss