Breach, Threat Management

Data breaches may be underestimated amid prolonged reporting

A Flashpoint and Risk Based Security report showed that the total number of data breaches has dropped by 5% from 2020 to 2021, according to TechRepublic. However, the decline may be erroneous and the number of incidents may be underestimated as breaches take longer to report, said Flashpoint Cybersecurity Intelligence Analyst Ashley Allocca.

"The time it takes to report a breach, coupled with the lingering effects of a drop-off in media coverage and more ransomware attacks that can be kept out of public view, has undoubtedly played a role in the decline in publicly reported breaches," said Alloca.

While the average length for breach disclosures dropped from 91 days in 2014 to 49 days in 2017, it has risen since the implementation of the General Data Protection Regulation in 2018, reaching 89 days last year, the report showed.

"Complex incident investigations, weak enforcement and a deliberate blindness to notification obligations appear to be at the root of the delays," said Risk Based Security Executive Vice President Inga Goddijn.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.