A new incident response report from BakerHostetler analyzed data breach statistics over the last year. The report found that the number of incidents across industries was almost identical in 2022 and 2021.
There were fewer ransomware incidents for most of 2022 (compared to 2021) until an end-of-the-year surge. The surge resulted in a moderate increase in the average amount of initial ransom demands, the amount of a ransom actually paid and the length of time to recover from a ransomware attack. Recovery times for most industries all increased last year. Network intrusions remained the most common type of incident, accounting for nearly half of the matters tracked in the report.
Fraudulent fund transfers, which were prevalent in 2021, saw a decrease in number, total transfer amount and average transfer amount in 2022. However, the rate of success in recovering funds dropped from 42% in 2021 to 24% in 2022. Forensic investigation costs increased by 20% on average last year, not including business interruption costs, data review and notice costs and indemnity claims.
Litigation related to data breaches was more frequent and lawsuits are being filed in matters affecting fewer individuals. Additionally, lawsuits based on privacy statutes continued to grow.