DataBreaches.Net

Verizon releases its 2013 Data Breach Investigations Report

Posted on April 23, 2013 by Dissent

Verizon has released the Verizon Data Breach Investigations Report (DBIR). You can download the Executive Summary here and the full report here.

The DBIR analyzes data from 19 organizations — covering more than 47,000 reported security incidents and 621 confirmed data breaches from the past year. Because VZ has the cooperation of so many organizations, it provides a unique opportunity to analyze data. Although we do not know what percent of the incidents in their analyses overlap with the more than 1200 incidents compiled by DataLossDB.org for 2012, I find it fascinating to look at where the two organizations’ reports agree, and they do agree on numerous key findings – including the fact that most incidents involve external agents, not insiders, that over half of incidents involve hacking, and that breaches from the healthcare sector, while garnering much media attention, account for only about 1% of breaches. Their report is also consistent with RBS/OSF’s report indicating that most incidents do not involve particularly sophisticated attacks and most could be easily prevented. Verizon’s report, however, gives us a first harder look at state-sponsored attacks and other factors that RBS/OSF’s report does not address, such as their finding that approximately two-thirds of confirmed breaches involved data at rest or data being processed – and not data in transit. Worryingly, the majority of breaches take months to detect (and the problem got worse in 2013 compared to their 2012 data), and most breaches are not detected by the entity’s IT personnel.

So… how many times do we have to tell people to purge data that’s no longer really needed and to monitor to ensure that if you have policies in place to protect data on mobile devices, those policies are being implemented? DBIR notes – and most of us would agree, I think – that there is no one-size-fits-all in terms of protecting assets. Knowing the risks for your industry and type of data is critical.

Read their report for more details, and kudos to them for another fine report.

Category: Commentaries and Analyses
