During the first nine months of 2018, roughly 3.6 billion records were exposed in 3,676 security breaches according to Risk Based Security's 2018 Q3 Data Breach QuickView Report.
"Compared to the same point in 2017, the number of reported breaches is down 8% and the number of exposed records is down approximately 49% from 7 billion," says the report.
Moreover, out of the almost 4,000 breaches reported until the end of September 2018, seven incidents accounted for no less than 100 million records being stolen or accessed by bad actors.
When it comes to the most prevalent breach types, hacking incidents were responsible for the highest number of breach events, with hackers being accountable for 57.1% of reported breaches.
Also, according to Risk Based Security, "Fraud remains in the top spot for the breach type compromising the most records, accounting for 35.7% of exposed records."
The Business sector was the most affected, with 38% of them have experienced at least one data breach event
The sectors most affected by security breaches until the end of Q3 2018 were the Business sector which was targeted in 38% of all reported breaches, followed by Government organizations with 8.2%, Medical-related institutions with 7.8%, and Education organizations being attacked in 3.9% of all breach incidents.
"Overall the gap has been closing between when a breach is first discovered by the responsible organization to when the breach is first publicly disclosed," also states the report.
"However, looking at the averages for each of the five years, 2018 shows no improvement compared to 2017 despite mounting regulatory pressure to speed up public disclosure."
Between January and September 2018, security breaches exposed email addresses in 48,3% of incidents and passwords in 44,2% of all breach events, showing that data breaches are a very lucrative business for bad actors who intend to collect and create credentials databases.
The lack of transparency when it comes to disclosing breaches was still a huge factor during the first nine months of 2018, "with 34.5% of breached organizations unwilling or unable to disclose the number of records exposed."