While consumers have been inundated with Covid-related scams and identity theft, the number of publicly reported data breaches actually dropped during the first half of this year.
In the past 6 months, there have been 540 publicly reported data breaches, a 33% drop from the number reported during the first half of 2019, the Identity Theft Resource Center found. Additionally, the number of people who have been impacted by data breaches dropped by 66%.
“The decrease in the number of data breaches and individuals impacted is good news for consumers and businesses overall,” says Eva Velasquez, president and CEO of the Identity Theft Resource Center. While there have been years as recently as 2018 when there was a “pause” in the rate of data breach increases, the first six months of 2020 represented a “significant drop” in the number of overall hacks, Velasquez tells CNBC Make It.
Some of the biggest data breaches so far in 2020 include the one announced by hotel chain Marriott in March that potentially affected over 5 million customers, as well as the Nintendo hack announced in June that compromised 300,000 user accounts since April.
While there is never any one reason why the number of data breaches goes up or down, the dramatic shift from working in-office to working remote has had a big impact, Velasquez says. “Organizations are on high alert, looking for the signs of a cyberattack,” Velasquez says.
Companies are also making sure their teams are hyper-focused on phishing and other forms of attacks and scams that can lead to a data breach, she adds. Plus, working remotely means that internal bad actors don’t have the same kind of easy access to data and systems that they would if they were still in an office setting.
Hypervigilance, rather than under-reporting, is the key reason for the drop in hacks, Velasquez says. There is always a time lag between when breaches occur, when they are discovered and when they are reported. That means “there is no greater risk of missing a breach than usual,” she says. “Even if there were a significantly longer lag time right now, it would not account for the big drop in the volume of reported breaches.”
Although the number of new data breaches is low, cyber crime has not slowed, Velasquez says. That may be another reason why the number of data breaches is low: Criminals already have the information they need. During the pandemic, fraudsters have spent time using the information they already have from previous breaches to execute a variety of schemes, specifically those related to Covid-19, the ITRC found.
Since January, the Federal Trade Commission has received over 125,000 complaints of scams and fraud schemes related to Covid-19. The total loss for this fraud tops $80 million, with victims losing a median amount of $274 as of July 9.