43% of Companies Had a Data Breach in the Past 2 Years

Data breaches have become an increasingly common part of doing business in the digital age. This probably doesn’t surprise you, but even the headline-grabbing breaches you’ve heard about in the past year — like at retailers Target and Home Depot — are only a fraction of the issue.

Companies have reported an uptick in data breaches, according to a newly released survey from the Ponemon Institute. In the 2013 survey (the organization’s first Study on Data Breach Preparedness), 33% of companies who responded to the survey said they experienced a breach involving the loss or theft of more than 1,000 records in the past two years. This year, that share increased to 43%. Sixty percent of those companies experienced more than one breach in that time period, up from 52% who said so in the 2013 survey.

The data is based on responses from 567 U.S. executives of companies varying in size and industry. When considering the results of the survey, it’s important to note the makeup of the sample: Only a small share of the nearly 15,000 companies who received the survey responded, and there’s always the chance a representative’s responses are not completely accurate.

Still, the increase in breach activity is notable, and employee error is often the cause of a breach, the report found. Companies seem to be re-evaluating their approach to data breach response, focusing on having a detailed plan for dealing with such issues: 73% of companies said they have a plan for data breach response, and 72% said they have a data breach-response team.

Both figures increased from last year, seemingly addressing an issue where companies had a response team but no action plan for addressing data breaches. In the 2013 report, 67% of respondents said they had the team, but only 61% had a response plan.

Get everything you need to master your credit today.

Get started for free

If company preparedness for data breaches is truly improving, that’s a comforting sign to consumers, but it’s still not enough to protect individuals. If your information is compromised in a data breach, you may not receive notification from the company for a long time, so you should take it upon yourself to monitor your credit and financial accounts for signs of identity theft. You can get your free credit reports from all three bureaus every year, and you can also use your credit scores as fraud detectors: If you check the same credit score regularly, you’ll notice a sudden score shift, which may indicate unauthorized use of your personal information. You can see two of your credit scores for free on Credit.com.