The first three months of 2024 saw 841 publicly reported “data compromises” – up 90% on the same period last year, according to the Identity Theft Resource Center (ITRC).
The non-profit said that although the number of data breaches, exposures and leaks was up on Q1 2023, the total victim count decreased 72% annually to 72.5 million, and 81% from the previous quarter.
Cyber-attacks were the main cause of these incidents once again, accounting for 642 breaches and 28.3 million victims. System and human error was blamed for 85 incidents and around 181,000 victims.
Supply chain attacks continue to cause significant challenges for US organizations. The number of companies impacted by these threats more than tripled in Q1 2024 versus the same period in 2023.
Read more on breaches: US Smashes Annual Data Breach Record With Three Months Left
Fifty new supply chain breaches impacted 243 organizations and around 7.5 million victims, compared to 73 organizations and 11.4 million victims in Q1 2023.
Financial services was the hardest hit industry in terms of overall data breaches, followed by healthcare and professional services. Financial services breach notices tripled year-on-year to 224, while 100 compromises impacted professional services firms – more than double the figure a year ago.
Eva Velasquez, president and CEO of the ITRC, described the results as concerning.
“The decrease in victims impacted is a bit of good news, though still too high,” she added.
“We believe it is due to identity criminals launching more targeted attacks, which differ from tactics used five to 10 years ago. With that said, it is critical that businesses and consumers continue to practice good password hygiene and transition to Passkeys when possible.”
Passkeys have been touted as an easier and more secure way for users to log-in to their accounts, using biometric authentication or screen lock. In January, X (formerly Twitter) became the latest major platform to join the FIDO technology ecosystem for US iOS users.