top of page

124 Data Breaches Were Announced in the First Two Months of 2018 Following a Record-Setting 2017

There were nearly 17 million identity fraud victims in the United States in 2017, more than ever before. This increase is likely supported by the increasing number of data breaches and stolen identity records in recent years, which is keeping up the pace so far in 2018 with 124 data breaches coming to public attention already.

There were a record number of data breaches that occurred in the United States in 2017, according to the Identity Theft Resource Center (ITRC). Likely correlated with this, Javelin Strategy and research reports the highest number of identity fraud victims recorded in the United States in 2017 at 16.7 million. This represents an increase of 1.3 million identity fraud victims from 2016 and is the highest figure recorded since Javelin began measuring this in 2003. The amount stolen in identity fraud crimes is estimated at $16.8 billion and has increased for the third consecutive year.

Notably, Javelin identified an increase in new account fraud and account takeover fraud, as fraudsters are making use of stolen identities and credentials compromised in one of the many recent data breaches. The number of account takeover victims tripled from last year while dollar losses more than doubled to $5.1 million. Account takeover fraud now represents more than 30 percent of all identity fraud losses in the United States.

Findings from the ITRC support the cause-and-effect theory that the increase in account takeover is influenced by data breaches. The number of data breaches in the United States reached an all-time high of 1,579 in 2017. This lead to the compromise of nearly 180 million records, the second-highest total recorded by the non-profit organization.

The ITRC has already cataloged 124 new data breaches since resetting the counter after a record-setting 2017. Data breaches are listed based on they became known to the public, so most of these actually occurred in 2017. This only implies that the information stolen has had time to be posted and sold on the darkweb and black market.

Read More:


bottom of page