A decade's worth of security breaches, visualized

It seems that not a week goes by without yet another report of a data breach. The sheer volume of data lost is staggering, but sometimes it's hard to comprehend just how much of our personal data is being stolen.

If you subscribe to the "picture is worth a thousand words" idea, then we suggest you head over to InformationIsBeautiful.net to see for yourself. The folks over there have compiled a list of all data breaches of over 30,000 records that occurred within the past decade and applied some interesting visualization techniques to it. By default, the size of each individual bubble is tied to the number of records lost during the breach, but that can be changed to instead display based on the sensitivity of the lost data. The site also allows you to filter based on the type of organisation (academic, tech, government, etc.) and the method of data leak (hacking, lost/stolen computers, virus, etc.). Most of the bubbles can be clicked on to provide more information on each of the breaches.

Reading about individual attacks just isn't the same as watching large circles float on the screen, the size of each related directly to the scale of the attack, and some interesting information can be gleaned with a few clicks of a mouse. For example, for all of the talk about viruses, they were only responsible for a single large breach: Massachusetts Government. It's also interesting to note that most of these large security breaches appear to revolve around government agencies and healthcare, and not surprisingly, those breaches also involve some of the most sensitive data being lost or stolen.

It's an interesting visualization of the security world and definitely worth taking a few minutes to explore.

Source: Information Is Beautiful | Image via Information is Beautiful


Brony said,
FUD in action. Sheesh!

I'll probably regret this, but what the hell, I'll bite.. how is it FUD exactly? These are all documented, many times this site even gives you a link to where you can get more info on it. Or Google, that works too.

As far as Wordpress goes.. well that's kinda hard, a lot of those that get hacked aren't hosted by Wordpress, and a majority is probably due to a problem in an addon, that's out of WP's control (just like any other program that can be made insecure with third party modification, nothing unique to WP), and typically winds up in site defacement anyway, not data being stolen.

Brony said,
FUD in action. Sheesh!

What I can add is Wordpress.

This chart isn't about the underlying technologies that failed, it is only about companies and products. Sadly, wordpress wouldn't show up as a 'product' in this context.

Apache, PHP, FreeBSD, OpenBSD, and Linux were also key 'products' that were exploited in many of these, but since the focus is on the upper layer product and company, they are not identified either.

For example:
Sony was the victim of several issues ranging from their modified Linux & FreeBSD Servers running on Novell VMs, their custom database technology and even higher level IFrame exploits.

They gave Ubisoft a large portion/measure? But don't know how many have actually happened... How can I take this graph seriously? Just seems like someone got bored and started playing with bubbles....

I see too much Sony on this, this is why I can't go with the PS4, the Xbox One and Microsoft have a lot of servers, and I believe their backend, and their experience is far better.

The image is zoomed in, so you can't see it, but there's actually a huge white circle engulfing them all that says NSA.

That was the first thing I noticed. I'm sorry but I'll trust Microsoft and the XBox One over the PS4 for security/NSA spying any day.


Drewidian said,
That was the first thing I noticed. I'm sorry but I'll trust Microsoft and the XBox One over the PS4 for security/NSA spying any day.

It's not the number of individual breaches being listed but the number of accounts affected. (Edit: Derp, posted at the same time.)