Technology

Data Breaches Expose 34 Million Records to Date; Army Wants to Be Hacked

Paul Ausick

Published: November 28, 2016 1:05 pm

Last Updated: January 12, 2020 5:22 pm

Last week the U.S. Department of Defense launched a “white hat” hacking program to test the security of its public websites. The DoD also launched a new program, called “Hack the Army,” that follows a similar program launched last April called “Hack the Pentagon” that allowed about 1,400 Pentagon-approved hackers to test the security of five DoD websites for security vulnerabilities.

The new program is open to all hackers who promise to “do no harm” when hacking into one of the Pentagon’s public websites as long as they report any vulnerabilities directly to Defense Department officials. Details on how to sign up are available at the HackerOne website.

The April program resulted in the discovery of 138 vulnerabilities, and the white-hat hackers received payments totaling $75,000 for their efforts. The “Hack the Army” program also offers a bounty on reported vulnerabilities, and instructions for signing up are also available from a different link at HackerOne.

The latest data breach count from the Identity Theft Resource Center (ITRC) reports that there have been 901 data breaches recorded this year through November 22, 2016, and that more than 34 million records have been exposed since the beginning of the year. The total number of reported breaches increased by 28 since ITRC’s last report on November 9.

The number of breaches in 2015 totaled 781, just two shy of the record 783 breaches that ITRC tracked in 2014. The 901 data breaches reported so far for 2016 are nearly 27% higher than the number reported (710) for the same period last year. A total of more than 169 million records were exposed in 2015.

Here’s a rundown of the latest ITRC report:

• The medical/health care sector leads all sectors in the number of records compromised to date in 2016. The sector has posted 36.5% (314) of all data breaches to date this year. The number of records exposed in these breaches totaled tops 14.6 million, or about 42.9% of the total so far in 2016.
• The government/military sector has suffered 61 data breaches so far this year, representing about 37.8% of the total number of records exposed and 6.8% of the incidents. Nearly 13 million records have been compromised in the government/military sector to date in 2016.
• The business sector accounts for more than 5.5 million exposed records in 397 incidents. That represents 44.1% of the incidents, and 16.2% of the exposed records.
• The number of banking/credit/financial breaches totals 37 for the year to date and involves about 72,000 records, some 4.1% of the total number of breaches and about 0.2% of the records exposed.
• The educational sector has seen 77 data breaches in 2016. The sector accounts for 8.5% of all breaches for the year and more than 1 million exposed records, about 2.9% of the total so far this year.

Since beginning to track data breaches in 2005, ITRC had counted 6,711 breaches through November 22, 2016, involving more than 885 million records.