An Analysis of Data Security Incidents

Rajat Venkatesh1/3/2020 1 Min Read

Veris Community compiles information security breaches and incidents based on a standard. They also maintain a database of incidents - VCDB - regularly updated by the community.

Caveat: The community was most active in 2012 and 2013, reflected by the number of incidents reported between those years. Nevertheless, the granularity of the data makes this dataset very useful. Tokern analyzed the dataset with a focus on insider threats and database breaches. The key findings are:

  • 47% of incidents were due to internal actors.
  • 14% of incidents involved a database system
  • Among incidents involving a database system:
  • 60% of incidents involved internal actors.
  • 70% of incidents were due to misuse, error, or social

Overview of the dataset

The VCDB database had data on 8352 incidents as of December 13, 2019. Of these, 8031 incidents were for the years 2010 and onwards. Shown below is a histogram of incidents per year:

The reporting of most incidents in 2013 shows the waning interest in the community for its maintenance in subsequent years.


The numbers caused by external and internal actors (including partners) were almost equal. The pie chart below shows the split:


The top assets compromised in the incidents were

  • personal devices, including laptops and mobiles
  • documents
  • web applications
  • databases


Action describes the method used in the incident. The pie chart below shows the percentage of actions:

Database Incidents

This section focuses on incidents in which a database is involved. 14% of incidents involved a database.


Contrary to the complete dataset, internal actors and partners were involved in most incidents.


Similarly, the trends with respect to actions are also different. Misuse was the primary reason for the security incident.

Other Data Sources

A few other popular data sources on data breaches are:


VCDB is a very granular database with the ability to drill down along many dimensions though it is not perfect. In this report, we studied the factors in database breach-related incidents. Avoiding breaches involves planning for misuse and insider threats. If you find this analysis of use and want to collaborate, get in touch through the chat widget.

Similar Posts

Get in touch for bespoke support for PII Catcher

We can help discover, manage and secure sensitive data in your data warehouse.