More than 20 million records were exposed in the Australian breaches, which put the country again fifth on the list of countries by exposed records.
The breach of India's Aadhar database, which holds biometric data for most of the country's 1.3 billion people, took spot for the number of records exposed in a breach, at about 1.3 billion.
The UK (62 breaches) was second on the global list of breaches, followed by Canada (48) and India (45). France (16) took the sixth spot, followed by Germany (15), Brazil (11), Denmark (8) and New Zealand (7).
The US had a total 1.03 billion of records exposed in breaches, to be second after India, followed by Germany (120 million) in third place.
"(The year) 2018 has been a curious year. After the wild ride of 2017, we became accustomed to seeing a lot of breaches, exposing extraordinary amounts of information. 2018 is remarkable in that the number of public disclosed breaches appears to be levelling off while the number of records exposed remains stubbornly high,” said Inga Goddijn, executive vice-president of Risk Based Security.
“It’s not easy to characterise 2.6 billion records exposed as an improvement, even if it is less than the six billion exposed at this time last year.”
Other global highlights of the report:
- The number of disclosed instances targeting employee W-2 forms remained low, with 42 such breaches reported through Q2 2018 compared to 239 for the corresponding period in 2017.
- The business sector accounted for 40% of reported breaches, followed by medical (8.3%), government (8.2%) and education (4.5%). Nearly 40% of breached organisations could not be definitively classified.
- Five breaches exposed 100 million or more records, accounting for approximately 2 billion of the 2.6 billion total exposed records.
- The business sector accounted for 52% of the records exposed followed by Government at 2%. The pattern from 2017 remains the same, with the medical and education sectors combined accounting for less than 1% of the total records exposed through the first six months of the year.
- Fraud remains in the top spot for the breach type compromising the most records, accounting for 47.5% of exposed records, while hacking takes the lead in number of incidents, accounting for 54.6% of reported breaches.
"While we expect hacking to remain the leading cause of data loss, we can’t lose sight of the damage that can come from accidental exposure," said Goddijn.
"Misconfigured services, exposed S3 buckets and even improper email handling have led to more than their fair share of recent breaches. This type of data loss is easily prevented and protecting against it is nearly entirely within the organisation’s control. It shouldn’t be overlooked in the quest to prevent external attacks.”
Graphics: courtesy Risk Based Security