Reported Data Breaches Falling Fast; Cryptojacking and GDPR Likely ‘Culprits’

The number of reported data breaches dipped in the first quarter of 2018, even as the total of records compromised in the quarter remaining high, at 1.4 billion. Researchers were intrigued by the numbers, but Bitdefender telemetry might hold some clues about the drop, while the looming General Data Protection Regulation (GDPR) is likely also responsible for the swoon.

The number of breaches disclosed in the first three months of 2018 fell to 686, from 1,444 in the same period of 2017, according to the Q1 2018 Data Breach QuickView Report from Risk Based Security. According to the authors, “2018 has been the quietest first quarter for breach activity since 2012, begging the question why?”

One cyber-threat cancels another

The researchers found that Q1 2017 saw over 200 instances of phishing for employee W2 data, while just over 30 such events had been reported in the first four months of 2018.

The authors speculate that shifting cybercriminal tactics might be at play, with crypo-mining malware and cryptojacking playing a part in the reduced number of data breaches.

“While there is no direct data linking the rise of crypo-miners to a reduction in data breach activity, there are tantalizing bits of evidence that lead us to believe there is some level of relationship at play here,” according to the report.

Bitdefender telemetry from August 2017 to February 2018 shows a significant drop in ransomware incidents and a surge in coin miner detection. It is also worth noting that cryptojacking detections currently outpace ransomware detections by two orders of magnitude. That’s because crypto-mining code is far easier to place, targeting vulnerable websites, rather than ransomware, which is deployed per user.

Some reports estimate that the number of websites and domains hosting the crypto-miner Coinhive grew 725% percent in the same time frame, suggesting that hundreds of thousands of websites were compromised and rigged to mine virtual currency using visiting users’ computing resources.

GDPR breathing down decision makers’ necks?

Researchers also wanted to know how ready organizations are able to comply with Article 33 of the GDPR (the 72-hour notice) and found that the average number of days between discovery and disclosure has been steadily declining year-over-year.

“However at a current average of 37.9 days, the analysis shows there is still work to be done to meet the obligation to report a breach to the authorities within 72 hours of becoming aware of the event,” the report reads.

With the regulation kicking into full gear in two weeks, it will be interesting to see how many organizations can say they are 100% compliant. Some studies are more optimistic than others, but most experts agree things are not looking good for many organizations targeted by the GDPR.