IT Governance’s research found the following for February 2024:
- 712 publicly disclosed security incidents.
- 719,366,482 records known to be breached.
After January’s 29.5 billion records breached, following the MOAB (mother of all breaches), 719 million records for this month seems comparatively small.
The number of records breached is also small compared to January’s numbers excluding the MOAB – 3,530,829,011 known records breached. However, the number of publicly disclosed incidents is similar: 769 (January, excluding MOAB) vs 712 (February).
February saw two outlier breaches, which combined accounted for 79% of this month’s breached records:
- Zenlayer’s publicly exposed database, containing 384,658,212 records.
- Pure Incubation Ventures, which allegedly* had 183,754,481 records go up for sale.
*The threat actor provided 100,000 records as a sample.
Free PDF download: Data Breach Dashboard
For a quick, one-page overview of this month’s findings, please use our Data Breach Dashboard:
Note: To make these numbers as informative as possible, we’ve used the non-MOAB figures for January.
You can also download this and previous months’ Dashboards as free PDFs here.
This blog provides further analysis of the data we’ve collected. We also provide an annual overview and analyse the longer-term trends on our 2024 overview of publicly disclosed data breaches and cyber attacks.
You can learn more about our research methodology here.
Top 10 biggest breaches
Note 1: Where ‘around’, ‘about’, etc. is reported, we record the rounded number. Where ‘more than’, ‘at least’, etc. is reported, we record the rounded number plus one. Where ‘up to’, etc. is reported, we record the rounded number minus one.
Note 2: For incidents where we only know the file size of the data breached, we use the formula 1 MB = 1 record. Given that we can’t know the exact numbers, as it depends on the types of records included (e.g. pictures and medical histories are considerably larger files than just names and addresses), we err on the side of caution by using this formula. We believe that this underestimates the records breached in most cases, but it is more accurate than not providing a number at all.
Sector overview
For our monthly analyses, we look at the top 5 most breached sectors by number of incidents and by known number of records breached.
We provide a full sector breakdown in our annual report.
Top 5 most breached sectors (by number of incidents)
Note: To make this table as informative as possible, the percentages exclude the ‘multiple’, ‘other’ and ‘unknown’ sectors. In line with this, ‘multiple’, which technically ranks in third place this month at 65 publicly disclosed incidents caused by the ResumeLooters campaign on APAC websites, has been excluded from this table and the Data Breach Dashboard.
Top 5 most breached sectors (by number of records)
Security Spotlight
To get news of the latest data breaches and cyber attacks straight to your inbox, subscribe to our free weekly newsletter: the Security Spotlight.
Every Wednesday, you’ll get a 4-minute email with:
- Industry news, including a round-up of the week’s publicly disclosed data breaches and cyber attacks;
- Our latest research and statistics;
- Interviews with our experts, sharing their insights and expertise;
- Free useful resources; and
- Upcoming webinars.