2016 broke the previous all-time high, set back in 2013, for the number of records exposed from reported data breaches. Security firm, Risk Based Security, in a report released today says 4,149 data breaches were reported during 2016 exposing over 4.2 billion records. “There have been numerous sources discussing data breach statistics recently, however, their reported numbers are either not accurate or missing information when compared to our dataset,” says Inga Goddijn, Risk Based Security’s Executive VP. “While the number of data breaches actually remained relatively flat from last year, the big story coming out of 2016 is obviously the massive increase in the number of records exposed.”

— Report shows that breaches taking place at FriendFinder Networks, Myspace and Yahoo accounted for more than 2.2 billion records compromised… the rise of the mega breach trend continued as ninety-four (94) breaches in 2016 exposed one million or more records… 50.4% of data breaches reported only exposed between one and 10,000 records.

— Only 18.3% of data breaches that occurred were actually the result of insider activity, and Hacking continues to dominate as the leading breach type, with SQL injection the predominant method utilized. Stolen laptops, which were once a leading cause of data compromise, accounted for only 67 (1.6%) of breaches in 2016.

— Goddijn: “Another ongoing issue continues to be misconfigured databases and other inadvertent web-based disclosures as they exposed over 253 million records in 2016. As criminals expand this same technique to additional technology we expect more of this activity to come in 2017.”