January 31, 2019

Data breaches down, consumer exposure up in 2018

data securityU.S. data breaches were down 23 percent in 2018 after hitting a record high in 2017; however, the amount of consumer personally identifiable information (PII) was up 126 percent, according to the Identity Theft Resource Center (ITRC). NAFCU – a leading advocate for national data security standards – continues to push for the adoption of data and cybersecurity standards for all entities that hold consumers' information.

Also of note from the ITRC's data: Of the five industry sectors tracked, the business category again saw the highest number of breaches – for the fourth year in a row – with 571. The medical/healthcare industry came in second place with 363 of the total number of breaches, but it had the highest rate of consumer exposure per breach. More than 446 million consumer records were exposed in 2018.

The report from ITRC also mentioned the Marriott International data breach, which was one of the largest breaches of personal data. Following news of this data breach, NAFCU urged leaders of the Senate Banking and House Financial Services Committees to take action on a national data security standard.

NAFCU has long been active with lawmakers on this issue, and was the first group after the massive 2013 Target data breach to call for a legislative solution to reform the nation's data security system. Both the House Financial Services Committee and Senate Banking Committee have identified data security legislation as a priority for the 116th Congress to ensure consumers are protected.