The MediSecure ransomware attack which exposed the personal and health data of nearly 13 million Australians, has earned a place in the top 11 lobal data breaches of the first half of 2024, according to an analysis by Kiteworks.

Kiteworks, which delivers data privacy and compliance for sensitive content communications through its Private Content Network (PCN), used its Risk Exposure Index to analyze the top 11 data breaches of the first half of 2024.

The Index is a tool designed to evaluate and prioritize data breaches based on their severity and potential impact. Detailed in Kiteworks’ “Top 11 Data Breaches in 1H 2024 Report,” it goes beyond traditional metrics such as the number of records exposed or financial costs incurred.

Instead, it incorporates a range of factors to provide a more nuanced understanding of breach severity, including the type of data compromised, the extent of exposure, potential regulatory penalties, and long-term impact on brand reputation.

In conjunction with the report, Kiteworks made a Risk Exposure Calculator available on its website. This tool allows organizations to input their own data and calculate their risk exposure score, helping them better understand and mitigate potential cybersecurity risks.

“In today’s complex cybersecurity landscape, organizations need a more sophisticated approach to assessing and prioritizing data breach risks,” said Tim Freestone, Chief Strategy and Marketing Officer at Kiteworks.

“Our Risk Exposure Index offers a standardized framework for quantifying and comparing the risks associated with different data breaches, enabling organizations to allocate resources more effectively and enhance their overall security posture.”

Key findings from the application of the Risk Exposure Index to the top 11 data breaches of 1H 2024 include:

• The healthcare sector remains a prime target, with Change Healthcare’s breach topping the list with a Risk Exposure Score of 9.46 out of 10.
• Ransomware attacks continue to pose significant threats, as seen in the high-ranking breaches at Change Healthcare and Synnovis.
• The sensitivity of exposed data plays a crucial role in determining risk, often outweighing the sheer volume of records compromised. The National Public Data breach tops the list here with a 9.46 out of 10 score.
• Third-party and supply chain vulnerabilities remain a critical concern, as evidenced by the breaches affecting AT&T and Ticketmaster.

The report also highlights the diverse nature of cyber threats, from sophisticated ransomware attacks to inadvertent data sharing due to tracking codes. This diversity underscores the need for a multi-layered security approach that addresses a wide range of potential vulnerabilities.

“Our analysis reveals that the impact of a data breach extends far beyond immediate financial losses,” added Patrick Spencer, VP of Corporate Marketing and Research at Kiteworks.

“The Risk Exposure Index takes into account factors such as regulatory compliance, data sensitivity, and potential for long-term reputational damage, providing a more holistic view of the true cost of a breach.”

The Risk Exposure Calculator uses the same algorithm as the Risk Exposure Index, considering factors such as:

• Number of records exposed
• Estimated financial impact
• Ransomware involvement
• Data sensitivity
• Overall severity of the breach
• Number of regulations impacted

By providing this tool, Kiteworks aims to empower organizations to take a proactive approach to cybersecurity, identifying potential vulnerabilities before they can be exploited.

The report concludes with actionable recommendations for organizations to strengthen their cybersecurity posture, including:

1. Adopting hardened security measures tailored to protect sensitive content communications
2. Implementing advanced encryption techniques for data at rest, in transit, and in use
3. Deploying next-generation Digital Rights Management (DRM) strategies
4. Enhancing third-party risk management practices
5. Focusing on data sensitivity and compliance through robust governance frameworks

The “Top 11 Data Breaches in 1H 2024 Report” and Risk Exposure Calculator are available at https://www.kiteworks.com/risk-exposure-index/.