#privacy: US data breach levels are skyrocketing in 2019

data breach

So far this year, organisations in the US have been hit by 3,800 data breach incidents, a new study has found.

The research, conducted by Risk Based Security has stamped 2019 as a record-breaking year in data breach notifications; we’re not yet through the summer and already the total number of data breaches is up by half on the previous four years.

The report stated:

“Between 2015 and 2018, the variation in the number of reported breaches was less than 200 incidents. For the first six months of 2019, the number of breaches increased by 54% compared to the same time last year.”

On the flip-side of the bitcoin, there was a 30% drop in the number of data records exposed for the first six months of 2019, compared to the first half of 2017.

While the report makes for alarming reading for all internal stakeholders across the cyber-security landscape, data showed that 89% of the data breaches came from external attacks.

“More and more sensitive data is exposed when insiders fail to properly handle or secure the information,” the report stated.

Risk Based Security also highlighted the risk increase that takes place when sensitive data is entrusted to the hands of third parties, citing the American Medical Collection Agency (AMCA) data breach which followed a hacking incident in 2018. The intrusion impacted upon millions of patients from Quest Diagnostics.

“These [kinds of] breaches are more difficult to manage given the multiple parties involved, they can also have more damaging consequences for the individuals whose data is exposed in the event,” the report said, acknowledging the disastrous scale and fallout of the incident; in June 2019, the AMCA filed for bankruptcy under the weight of multiple class-action lawsuits.

Services in healthcare suffer more data breach cases than any other industry, Risk Based Security says. Other industries in the top-five-most-affected include retail, finance/insurance, public administration and IT.


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.