Breach Notification , Business Email Compromise (BEC) , Cybercrime

2020 Breach Statistics: An Analysis

James Lee of the Identity Theft Resource Center Discusses Reasons Behind Breach Decline
James Lee, COO, Identity Theft Resource Center

The decline in the total number of U.S. data breaches in 2020 isn't all good news; it reflects that hackers are changing their tactics, says James Lee of the Identity Theft Resource Center, who offers an analysis of the center's new data breach report.

See Also: The Guide to Just-In-Time Privileged Access Management

"We hit our high watermark in terms of the number of breaches in 2017," he notes. Since then, breaches have declined, including a 19% drop last year.

As more hackers focus on lucrative ransomware and business email compromise scams, they don't need to obtain as much data via breaches to be successful, he explains.

"The threat actors are changing their tactics; they don't need the massive amounts of data that they would have stolen five or 10 years ago," he says. "They're highly targeted now, and they're highly organized and sophisticated in their attack methods."

In a video interview with Information Security Media Group, Lee discusses:

  • Why a decrease in data breaches is not necessarily a good thing;
  • Details of how breaches originate online, offline and via third parties;
  • The growth in supply chain attacks and how the SolarWinds breach may impact 2021 breach metrics.

Lee is the COO of the ITRC, a nonprofit organization based in San Diego, California, that provides no-cost assistance to U.S. identity theft victims to help resolve their cases. He is the former executive vice president of Irish application security company Waratek and former senior vice president for Atlanta-based ChoicePoint, now LexisNexis. He also chaired two working groups for the American National Standards Institute on identity management and privacy.


About the Author

Nick Holland

Nick Holland

Director, Editorial

Holland, an experienced security analyst, has spent the last decade focusing on the intersection of digital banking, payments and security technologies. He has spoken at a variety of conferences and events, including Mobile World Congress, Money2020, Next Bank and SXSW, and has been quoted by The Wall Street Journal, CNN Money, MSNBC, NPR, Forbes, Fortune, BusinessWeek, Time Magazine, The Economist and the Financial Times. He holds an MSc degree in information systems management from the University of Stirling, Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.