Home / News I have a News Tip

Data Breaches Reported During 2016 Exposed Over 4.2 Billion Records

2016 broke the previous all-time high, set back in 2013, for the number of records exposed from reported data breaches. Security firm, Risk Based Security, in a report released today says 4,149 data breaches were reported during 2016 exposing over 4.2 billion records. "There have been numerous sources discussing data breach statistics recently, however, their reported numbers are either not accurate or missing information when compared to our dataset," says Inga Goddijn, Risk Based Security's Executive VP. "While the number of data breaches actually remained relatively flat from last year, the big story coming out of 2016 is obviously the massive increase in the number of records exposed."

— Report shows that breaches taking place at FriendFinder Networks, Myspace and Yahoo accounted for more than 2.2 billion records compromised… the rise of the mega breach trend continued as ninety-four (94) breaches in 2016 exposed one million or more records… 50.4% of data breaches reported only exposed between one and 10,000 records.

— Only 18.3% of data breaches that occurred were actually the result of insider activity, and Hacking continues to dominate as the leading breach type, with SQL injection the predominant method utilized. Stolen laptops, which were once a leading cause of data compromise, accounted for only 67 (1.6%) of breaches in 2016.

— Goddijn: "Another ongoing issue continues to be misconfigured databases and other inadvertent web-based disclosures as they exposed over 253 million records in 2016. As criminals expand this same technique to additional technology we expect more of this activity to come in 2017."

Follow CircleID on

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

To post comments, please login or create an account.



DNS Security

Sponsored byAfilias

New TLDs

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC


Sponsored byThreat Intelligence Platform

Domain Names

Sponsored byVerisign


Sponsored byVerisign


Sponsored byWhoisXML API