Are Data Breaches Becoming More Common?

Numbers from breach notification site Vigilante.pw indicate that data breaches really are becoming more frequent.

It feels as if data breaches are becoming more and more frequent. Pretty much every week recently, a website has announced it was hacked, or a dump of user data has been listed for sale online.

According to data from one breach notification site, that perception may be right. Listings on Vigilante.pw, a site that provides an archive of consumer-focused hacks stretching back to 2007, suggest that data breaches have become more frequent over the past few years.

These breaches include things like passwords, email addresses, and other personal information, and can affect pretty much any type of site you can imagine: gaming, shopping, and education sites, and social networks. The list stretches on and on, covering just under 1,300 different breaches in all at the time of writing.

According to Keen, the pseudonymous owner of Vigilante.pw, there were 64 dumps in 2011, followed by 71 in 2012, 107 in 2013, and 158 in 2014. But the following year, the number of breaches nearly doubled to 317. This year, there have been 183 breaches so far.

"There's definitely loads of data that I'm missing, but I think 1,300 DBs is a decent sample size," Keen told Motherboard in an online chat.

Vigilante.pw does echo other datasets related to breaches, although the data are not exactly comparable. A report from cybersecurity company Trend Micro that looked at breach disclosures by companies from 2005 to 2015 found a steady increase over time. That could have been due to more businesses coming online, the different times at which states implemented data breach notification laws, or perhaps because criminals are indeed just hacking more.

Of course, Vigilante.pw's data is not complete. It's very likely other data breaches haven't been picked up by the site, or perhaps any sort of breach notification service. Indeed, the years-old hack of Myspace only just surfaced in May.

The database also has 374 entries marked as "unknown year," so it's not clear where those other results might land. And, as Keen pointed out, "as time goes by, older data loses its value and thus it's traded less often." So dumps from, say, pre-2010 are less likely to be swapped and collected in the digital underground today.

But as for why the number of data breaches may have jumped in recent years, one reason is the increasingly popular scene around the collection and trade of data. "Right now there's a much bigger database leaking/trading scene than ever before," Keen said.

Security researcher Troy Hunt, who maintains the site Have I Been Pwned?, said that did seem to be the case, but that it's only anecdotal evidence.

"There are a lot of different people playing in this scene," he told Motherboard in a phone call.

He's also noticed an increase in the number of people coming to him with data breaches recently—although that may be due to increased awareness rather than a higher number of incidents.

It's also worth noting that the quantity of data breaches alone may not be the best metric for analysing the impact of hacks over the years. The breaches of Hacking Team, Ashley Madison, and Sony included a lot more than just email addresses or usernames, for example. These breaches included a vast cache of emails and documents—the release of which was arguably more consequential than, say, the passwords for an online gaming site.

"I don't think anything is getting better, that much is pretty clear," Hunt said, and pointed to ancient attack vectors, such as SQLi, that still lead to massive breaches.

"There's a lot of stuff out there that we don't even know about."

The Hacks We Can't See is Motherboard's theme week dedicated to the future of security and the hacks no one's talking about.