Skip to content ↓ | Skip to navigation ↓

The United States takes the number one spot worldwide in data breaches disclosed last year, revealed a new report analyzing breach activity in 2016.

Risk Based Security’s annual report released on Wednesday found that the U.S. accounted for nearly half – 47.5 percent – of all incidents, and a whopping 68.2 percent of all exposed records.

Close to 2,000 breaches came from the United States last year – almost tenfold the total breaches that originated from the United Kingdom, which ranked number two with just 204 incidents.

2016 Incidents by Country - Top 10
Source: Risk Based Security

Furthermore, the report noted that from these U.S. breaches, a staggering 2.91 billion records were exposed, the majority due to the high-profile hacks at Yahoo, FriendFinder and MySpace.

Russia ranked second in the most records exposed, with a significantly lower 259 million.

2016 Exposed Records by Country – Top 10
Source: Risk Based Security

It’s important to note that the U.S. is one of the the largest economies in the world, so it’s not entirely surprising that the country would experience proportionally more data breaches simply because there’s more data to be breached.

Nonetheless, as Tripwire Director of IT Security and Risk Strategy Tim Erlin explains, there may be more to it than the United States’ leading economy.

“Breaches in the U.S. surpassed other large economic players by far, meaning this likely isn’t just about proportional opportunity for incidents. For example, China and the Russian Federation – also among the world’s top economies – had significantly fewer reported breaches. However, they also have very few disclosure laws,” said Erlin.

Meanwhile, Tripwire Chief Technology Office Dwayne Melancon believes many organizations are implementing insufficient, “quick fixes” for information security.

Organizations proactively protecting and defending against breaches can benefit most by focusing on implementing foundational controls,” said Melancon.

“This includes knowing what is on the network and how it’s changing; how IT assets relate to the business; implementing a solid process to ensure systems and applications are configured securely; understanding and managing vulnerabilities; as well as implementing a continuous diagnostic and monitoring process to keep the business safe,” he added.

Until organizations adopt these fundamental security controls, the U.S. will remain at the top of the breach leaderboard, warned Melancon.