A recent analysis of data breach incidents found that nearly every breach contained financial information, such as bank records and account identification numbers. At the same time, a separate analysis by IBM concluded that the average cost of a data breach in the U.S. grew to more than $10 million last year.
The data intelligence platform provider Lab I analyzed the unstructured files exposed in nearly 1,300 data breach incidents and found that 93% of breaches included some type of financial information. Nearly half of incidents (49%) contained bank statements. More than a third (36%) contained international bank account numbers, while 14% contained wealth statements. More than half of incidents (51%) contained Social Security numbers.
One finding of the report was “size doesn’t matter” when it comes to the amount of data breached. “Many incidents analyzed for this report with relatively low file volumes involved high-impact files that introduced significant risks,” the authors wrote.
Cost of breaches
The average cost of a data breach in the U.S. surged by 9% last year to $10.22 million, an all-time high, according to IBM. Higher regulatory fines and higher detection and escalation costs in the U.S. contributed to the increase. The surge in the U.S. price tag came even as the global average cost shrank 9% to $4.44 million.
Globally, the average data breach took 169 days to identify and another 58 days to contain, according to IBM. The health care sector experienced the highest cost per breach, averaging $9.8 million per incident, followed by financial services at $6.1 million. Of the breached organizations surveyed, 63% said they plan to increase their security spending, up from 51% the previous year.
