Identity Theft Resource Center®’s Annual End-of-Year Data Breach Report Reveals 17 Percent Increase in Breaches over 2018

“The increase in the number of data breaches during 2019, while not surprising, is a serious issue,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center.

SAN DIEGO (PRWEB) January 28, 2020
Today, the Identity Theft Resource Center®, a nationally recognized non-profit organization established to support victims of identity crime, released its annual End-of-Year Data Breach Report for 2019 with the support of the report’s long-time sponsor CyberScout®, a global leader in identity theft resolution, data defense and employee benefits services.
According to the report, the number of U.S. data breaches tracked in 2019 (1,473) increased 17 percent from the total number of breaches reported in 2018 (1,257). However, 2019 saw 164,683,455 sensitive records exposed, a 65 percent decrease from 2018 (471,225,862). The 2018 Marriott data breach exposed 383 million records alone, significantly skewing the data.
“The increase in the number of data breaches during 2019, while not surprising, is a serious issue,” said Eva Velasquez, president and CEO of the Identity Theft Resource Center. “It would appear that 2018 was an anomaly in how many data breaches were reported and the number of records exposed. The 2019 reporting year sees a return to the pattern of the ever-increasing number of breaches and volume of records exposed. Because that means more consumers are becoming victims, the ITRC will continue to help them by providing guidance on the best ways to navigate the dangers of exposed personally identifiable information (PII) from a data breach and the risks of identity crime as a result.”
“This year’s report paints a mixed view of the landscape as we continue to work with businesses and consumers alike to thwart cyber criminals and contain their damage,” said Matt Cullina, CyberScout’s EVP of Strategic Partnerships and Managing Director of Global Markets; and Board Chair of the Identity Theft Resource Center. “The overall increase in breaches is certainly concerning. However, the extraordinary drop in the number of records exposed and the incredible feat of cutting the sensitive PII exposed by two thirds, indicates that we may be moving in a good direction with regards to the extent of the damage associated with breaches. Businesses and consumers need to continue to be vigilant in
protecting data and systems, ensuring they have current protections in place, because even non-sensitive data exposure can lead to more serious issues.”
Another critical finding was that “hacking” was responsible for the highest percentage of data breaches (39 percent) and the highest number of non-sensitive records exposed (81 percent). “Unauthorized access” was the second most common breach method identified with nearly the same percentage as hacking at 36.5 percent. Unauthorized access continued to be a catch-all category with little transparency on the actual method of intrusion throughout 2019.
For the second straight year, the business sector had the most data breaches (644), while the medical/healthcare sector had the second most (525). The government/military sector had the fewest amount of breaches in 2019 at 83.
The ITRC has also now tracked over 10,000 publicly-notified data breaches since 2005, hitting that milestone in the spring of 2019.
Download the 2019 End-of-Year Data Breach Report.
For anyone that has been a victim of a data breach, the ITRC recommends downloading its free app to manage the various aspects of an individual’s data breach case.
Consumers and victims can receive free support and guidance from a knowledgeable live-advisor by calling 888.400.5530 or visiting to live-chat.
Identity Theft Resource CenterCharity LaceyVP of CommunicationsO: 858-634-6390C:
About the Identity Theft Resource Center
Founded in 1999, the Identity Theft Resource Center® (ITRC) is a nationally recognized non-profit organization established to support victims of identity theft in resolving their cases, and to broaden public education and awareness in the understanding of identity theft, data breaches, cybersecurity, scams/fraud and privacy issues. Through public and private support, the ITRC provides no-cost victim assistance and consumer education through its contact center, website, social media channels, live chat feature and ID Theft Help app. For more information, visit:
About CyberScout
Since 2003, CyberScout® has set the standard for full-spectrum identity, privacy and data security services, offering proactive protection, employee benefits, education, resolution, identity management and consulting as well as breach preparedness and response programs. CyberScout products and services are offered globally by 660 client partners to more than 17.5 million households worldwide, and CyberScout is the designated identity theft services provider for more than 750,000 businesses through cyber insurance policies. CyberScout combines extensive experience with high-touch service to help individuals, government, nonprofit and commercial clients minimize risk and maximize recovery.

Share article on social media or email:

How to Spot Data Breach Warning Signs to Protect Your Business

NYC area retail technology expert offers 5 steps to discover data security breaches earlier to save money and protect business reputation—in a new article from eMazzanti Technologies(PRWeb January 08, 2020)Read the full story at

BIA Wins Best in Biz Award for Its Data Breach Discovery™

Data Breach Discovery is able to quickly and accurately identify custodians and specific data, thus complying with regulations and reducing the risk of inadequately notifying affected individuals. The Best in Biz judges agreed, including it as one of the Most Innovative Services of the Year.

NEW YORK (PRWEB) December 11, 2019
BIA, a leading national eDiscovery and digital forensics company, announced today that the company has been named a bronze winner for Most Innovative Service of the Year in the Best in Biz Awards, the only independent business awards program judged by prominent editors and reporters from top-tier publications in North America. The award is for the company’s Data Breach Discovery™ service, which was launched in 2019.
With more than 700 entries, the 9th annual award program attracted a record number of entries from an impressive array of public and private companies of all sizes and spanning all geographic regions and industries in the U.S. and Canada. Best in Biz Awards 2019 honors were conferred in 80 different categories.
“We are honored and excited to be recognized for our work in helping companies respond to data breaches. We pride ourselves on being a company of innovators, and this latest award for Innovative Service of the Year is further proof that we are living up to those standards,” said BIA’s President and CEO Brian Schrader. “Our Data Breach Discovery service provides an uncommon, but needed, approach to data breach response, saving our clients time, money and any further grief from breach or compliance issues.”
Data breaches have become extremely common and their effects run deep and wide. In 2018 there were an astounding 2,216 data breaches reported worldwide, according to Verizon’s 2019 Data Breach Investigations Report. Each breach costs the affected company an average of $3.92 million, according to IBM Security’s 2019 Cost of a Data Breach Report.
Because of the high risk to personally identifiable information (PII) – including names, phone numbers, email addresses or even license and social security numbers – national and state governments have established regulations to minimize the damage from data breaches. The regulations require infringed companies to identify stolen data and notify affected individuals within a very short timeframe. When a company with sensitive data is hacked, it’s crucial to act quickly and correctly. However, few companies have access to technology that allows them to quickly dive into all data, find specifically who was affected and what of their information was taken, and provide the necessary reporting back to the government and stakeholders.
That’s why the eDiscovery and digital forensics experts at BIA established Data Breach Discovery in early 2019. This innovative service combines cybersecurity methodologies, eDiscovery technology and proprietary, defined workflows to quickly, securely and cost-effectively identify data that was compromised during a breach.
“Our company was already using multiple sophisticated technologies and data management processes for digital forensics, electronic discovery and in-depth analytics in litigation. We realized we could use our existing technologies and people and could modify processes to provide a new service – one that, unfortunately, is needed more and more often,” said Schrader. “Data Breach Discovery – including data collection and assessment, advanced text analytics, cutting-edge database analysis, end-to-end review and forensic investigation – pinpoints compromised data and ensures quick, accurate notification to affected custodians.”
Most data breach response providers don’t include the identification of compromised individuals in their services or specifics about what of each person’s information was affected. Until recently, companies and their legal teams were required to identify and alert all parties on their own. Improperly doing so or taking too long to do it – some states require notification within 30 days – could result in charges of intentionally withholding information, punishable by massive fines.
Data Breach Discovery is able to quickly and accurately identify custodians and specific data, thus complying with regulations and reducing the risk of inadequately notifying affected individuals. The Best in Biz judges agreed, including it as one of the Most Innovative Services of the Year.
Since the program’s inception in 2011, Best in Biz Awards’ entrants have spanned the spectrum, from the most innovative local companies and start-ups to some of the most recognizable global brands. The 2019 judging panel included, among others, writers from Accounting Today, AdWeek, Associated Press, Barron’s, Consumer Affairs, eWeek, Healthcare Innovation News, Inc., Investment Advisor Magazine, USA Today and Wired.
For a full list of gold, silver and bronze winners in Best in Biz Awards 2019, visit:
About BIAAs an industry pioneer, BIA continues to set the standard for reliable, innovative and cost-effective eDiscovery services. Its customer-first focus has resulted in countless innovations copied widely across the industry today. From technical innovations like truly remote data collections and the first cloud-based end-to-end eDiscovery platform, to service revolutions like reusing data and coding across matters and hiring dedicated, full-time employees for document review, BIA consistently stands at the leading edge of the industry. Founded by legal and technology professionals, BIA provides the entire spectrum of eDiscovery services – including attorney document review – with minimal disruption to its clients’ daily business operations. To learn more, visit BIA at or on Twitter at @biaprotect.
About Best in Biz AwardsSince 2011, Best in Biz Awards has maintained its premier status as the only independent business awards program judged by a who’s who of prominent reporters and editors from top-tier publications from North America and around the world. Over the years, Best in Biz Awards judges have ranged from Associated Press to the Wall Street Journal and winners have spanned the spectrum, from blue-chip companies that form the bedrock of the world economy to local companies and some of the most innovative start-ups. Each year, Best in Biz Awards honors are conferred in two separate programs: North America and International, and in 80 categories, including company, team, executive, product, and CSR, media, PR and other categories. For more information, visit:

Share article on social media or email:

MountainTop Data's Sky Cassidy Warns of “Data Vampires” in Light of 1.2-B Record Data Breach

Data expert Sky Cassidy warns businesses of potential “Data Vampires” that can siphon information straight to competitors.

“If most executives learned one of their employees were giving away intellectual property, such as client or prospect information, they would consider it a fire-able offense. That sheds a whole new light on these practices that were one considered OK.”

LOS ANGELES (PRWEB) December 02, 2019
Today’s world revolves around data. The newest 1.2 billion record PDL data breach proves that point [1]. Many entities, such as governments, social media, banks, retailers and every other type of organization involve themselves with the collection and analysis of personal data. There isn’t necessarily anything wrong with companies having this data, marketers typically use it to help create better and more relevant experiences. “Clean, accurate data is the backbone of a successful sales pipeline,” says Sky Cassidy of data intelligence leader, MountainTop Data. “But some companies will do just about anything to get this data, we see it in social media sites, but there are also hidden data collection programs buried in many companies’ sales teams.” If you found out your employees were selling your client, prospect, and employee data you would probably press charges. But this is exactly what’s happing in many companies, to the tune of 40M+ records [4] per day. The only good news is your employees aren’t doing it out of malice or greed—they just don’t know.
The sheer volume of data traveling through cyber space and between networks can cause problems—namely, data breaches happen. Data can get lost, stolen or compromised by people with bad intent. Witness the recent massive information leakage where over 600 million records from PDL, a collection of profiles including home and mobile phone numbers, email addresses, work histories based on LinkedIn profiles, and other social media profiles like Twitter and Facebook, were breached.
But an overlooked data breach is the one invited into your company. The sales and marketing apps that pose as useful tools but are really scraping data [3] directly from your company emails. As with data issues in social media this data theft is done by recognizable companies, companies you might even be paying for services while they scrape your sales and marketing pipelines to sell to your competitors.
European lawmakers answered the call to protect individual personal information in May of 2018 when countries agreed to the General Data Protection Regulation (GDPR). Individuals were given rights to have easier access to the data companies that hold their information. In short, organizations now have a responsibility to obtain the consent of people they collect information about. Noncompliance can result in fines [1].
In the US, the California Consumer Privacy Act (CCPA) is set to become law on January 1, 2020. Similar to the GDPR in Europe, the CCPA will give people more control of their private information. Specifically, consumers in California will have:
The right to access information. People will be able to know what information about them was collected and sold, who it was sold to and why it was collected.
The right to deletion. Consumers can demand a company delete their data.
The right to opt-out. Consumers can demand a company not sell information about them.[2]
Good news for consumers but businesses beware.
Although the GDPR and CCPA may be good news for consumers it’s unclear what if anything these laws will do to prevent companies from the type of business data collection referred to above. The impact on how this will affect software apps or other companies that offer “free access” to their platform, or data, in exchange for having the ability to scrape content and signatures from a company’s email account is yet to be explored. According to Cassidy, the most effective means to combat this technically legal type of “data theft” is to limit the apps your employees can install to approved ones and to make sure you know how apps and plugins are using your data.
”Some companies may be collecting information on enterprises your business is talking to and selling it to your competitors as intent data (behavioral information collected about an individual’s online activities). They may be collecting intellectual property information from your emails as well. Basically you’ve invited a data vampire in,” said Cassidy.
Giving “free access” to one’s data in exchange for scraping through emails, is data violation according to MountainTop executives. One should read the fine print. Such companies often only provide an insignificant amount of data themselves but could be scraping every contact in your pipeline. What seems like no big deal to an individual account manager, is likely a huge problem to a company’s protection of its intellectual property.
“If most executives learned one of their employees were giving away intellectual property, such as client or prospect information, they would consider it a fire-able offense,” Cassidy says. “That sheds a whole new light on these practices that were one considered OK.”
Cassidy proffers FIVE MAJOR TIPS to companies reviewing their data privacy and NDA policies:1. Have clear-cut policies and protocols in place at executive level regarding the protection of your data;
2. Train your staff on these protocols and set clear-cut policies on actionable offenses if violated;
3. Review all online platforms, software apps and other database subscriptions on how they collect and use your information and protect your privacy—compare it against your policies and protocols and ensure your IP is legally protected;
4. Read the fine print—don’t give up any data in exchange for free access to a software platform or a database;
5. And lastly—lock down the ability to sign up for free accounts company-wide and put in place an approval chain of command that is based on your policies and protocols set at executive level.
Data is the primary goldmine for all companies. In today’s data-breach world, protecting data is new territory.
Take charge. Be vigilant.
About MountainTop Data:MountainTop Data, headquartered in Los Angeles, CA, has been providing data services for B2B marketing for almost two decades. With an unrelenting commitment to quality they were the first company to guarantee the accuracy of their licensed data and business emails. They provide marketing lists, data cleaning, data appending, and data maintenance and email campaign management services. Their data services have been used by some of the world’s biggest brands across a multitude of various industries from multi-national telecommunication companies to office technology, to PR firms and more. For more information visit:
1. Aten, Jason. “An Enormous Data Breach Left the Personal Information of 1.2 Billion People Sitting Out in the Open.”, Inc., 25 Nov. 20192. Rapp, Lisa, et al. “What Is CCPA (California Consumer Privacy Act) and What Does It Mean to Marketers?” RampUp, 3 Oct. 2019.3. Carr, David F. “ZoomInfo Plug-In Siphons Contacts From Outlook.” InformationWeek, Information Week, 1 Apr. 2011.4.

Share article on social media or email: