The Channel logo


By | John Leyden 16th March 2015 20:01

One BEEEEEELLION sensitive records went AWOL in 2014

Vulns also soar; IBM blames 'apathetic developers'

At least one billion records of personally identifiable information (PII) were leaked in 2014, according to IBM X-Force.

The total number of records compromised in 2014 was more than 25 per cent higher than in 2013, when 800 million records were leaked. Three in four (74.5 per cent) of these incidents took place in the United States.

The quarterly report, published on Monday, also logged more than 9,200 new security vulnerabilities affecting more than 2,600 unique vendors in 2014 – a 9.8 per cent increase over 2013 and the highest single yearly total in the 18 years of the report's history.

IBM's security researchers attributed the growth primarily to "security apathy amongst developers, who have been slow to patch applications, despite warnings and increasing awareness of vulnerabilities". For example, 10 of the 17 banking applications (59 per cent) using Apache Cordova initially tracked in October 2014 were still vulnerable in January of this year.

Overall 2014 saw a surge in the disclosure of "designer vulns" (Heartbleed, Shellshock etc.) and security incidents targeting more than financial gains, IBM X-Force concludes.

The full IBM X-Force Threat Intelligence Quarterly report is available here and summarised in a blog post here. ®

comment icon Read 2 comments on this article or post a comment alert Send corrections


Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella

Chris Mellor

Thousands of layoffs announced as spinning rust enters its death spiral


STRASBOURG, JUNE 29, 2016: The seat of the European Parliament. by Marco Aprile for shutterstock. EDITORIAL USE ONLY
Plan b, image via Shutterstock
EU workers, new markets: post-Brexit pressure on May & Co
Tough question, pic via Shutterstock
Honest mistake with your licensing? Audit police look at it on a 'case by case basis'