A longitudinal analysis of data breaches

Purpose The purpose of this research is to provide companies and consumers with information about the potential connections between data breach types and institutions. This study also aims to add to the body of knowledge about data breaches. Design/methodology/approach This study analyzes a chronology of five years of data breaches. The data were classified and analyzed by breach and institution type, record size, and state. Multiple statistical tests were performed. Findings Breach types stolen and exposed are statistically more likely to occur. Educational institutions are more likely to have a breach and it is more probable that educational breaches will be of type hacker or exposed. The proportion of insider incidents is smaller than the other breach types. The number of records breached is independent of institution and breach type. Research limitations/implications Only those breaches with a specified number of records are included. The information used may have been updated after our analysis, usually a change in the number of records identified. Practical implications Additional knowledge about characteristics of data breaches and the relationship between breach types and institution types will enable both businesses and consumers to be more effective in protecting sensitive information. Businesses will be able to create security budgets based on risk factors and consumers will be more aware of the risks of providing sensitive information. Originality/value This study provides a longitudinal analysis covering five years of data breaches and analyzes the relationship between five breach types and six types of institutions.