Nearly 36.6 million data records were compromised in India last year in 33 data breaches — a 14 per cent rise as compared to 2015, a new report said on Monday. According to global digital security firm Gemalto’s ‘Breach Level Index’, identity theft and unauthorised access to financial data were the leading type of data breaches, accounting for 73 per cent of all data theft.
“The ‘Breach Level Index’ highlights four major cybercriminal trends over the past year. Hackers are casting a wider net and are using easily-attainable account and identity information as a starting point for high value targets,” said Jason Hart, Vice President and Chief Technology Officer for Data Protection at Gemalto in a statement.
The ‘Breach Level Index’ is a global database that tracks data breaches and measures their severity based on multiple dimensions. “Fraudsters are also shifting from attacks targeted at financial organisations to infiltrating large data bases such as entertainment and social media sites,” Hart added.
Across industries, the technology sector had the largest increase in data breaches in 2016. The healthcare industry accounted for 28 per cent of data breaches, rising 11 per cent compared to 2015.
“Knowing exactly where their data resides and who has the access to it will help enterprises outline security strategies based on data categories that make the most sense for their organisations,” Hart mentioned. “Encryption and authentication are no longer ‘best practices’ but necessities,” he added.
Among the top 10 breaches, 34 million Keralites were affected by the massive data leak of sensitive information such as income, name and date of birth, the report said. In 2016, the State Bank of India (SBI) blocked millions of its debit cards as a precautionary step after some suspicious transactions were reported.
This highlighted the risk faced by the banking sector in India and consequently led to the establishment of a formal Computer Emergency Response Team for the financial sector (CERT-Fin). Additionally, Yahoo! reported two major data breaches involving 1.5 billion user accounts.