Retail suffered more data breaches than any other industry last year, Trustwave says.
E-commerce represented the top target last year for criminals seeking cardholder and other personal information that could be used for fraud, according to a new report from Trustwave.
The Internet security firm’s “2013 Global Security Report” found that e-commerce sites accounted for 48% of systems targeted by such criminals last year. Point-of-sale and payment-processing systems accounted for 47%; data centers and corporate infrastructure 4%; and ATMs 1%.
Trustwave based its findings on more than 450 data breach investigations it conducted in 19 countries last year. Those attacks originated from 29 countries, with the largest percentage—33.4%—coming from Romania. In second place was the United States, the source of 29.0% of the attacks. The United States, meanwhile, accounted for the largest percentage of victims, at 73.0%. In second place was Australia, at 7.0%.
By industry, most of the data breaches analyzed by Trustwave targeted the retail industry, which accounted for 45% of those breaches. In second and third places were the food-and-beverage industry and the hospitality industry, respectively, followed by financial services and nonprofits. Trustwave did not immediately provide the percentages for industries other than retail.
Overall, 96% of data breaches investigated by Trustwave targeted payment card data. Other targets included confidential records and intellectual property (2%), electronic-protected health information (1%), business financial account numbers (1%).