Cybercriminals exposed more than five billion records in 2019, costing over $1.2 trillion to US organizations. Added to the 2.8 billion records that were exposed in 2018, this means breaches over the last two years have cost US organizations over $1.8 trillion.

This is one of the findings of the latest Consumer Identity Breach Report from ForgeRock, which shows a dramatic increase in the number of breaches.

Healthcare was the most targeted industry in 2019, accounting for 382 breaches and costing over $2.45 billion. However, technology firms had the highest number of records compromised from breaches with over 1.37 billion exposed.

Unauthorized access was the most common attack vector used in 2019, responsible for 40 percent of breaches, followed by ransomware and malware at 15 percent and phishing at 14 percent. Social security numbers were the most targeted type of data compromised, exposed in 384 breaches in 2019.

“When it comes to data breaches, we’re seeing the biggest cybersecurity problem continues to be an identity problem,” says Eve Maler, CTO at ForgeRock. “The Consumer Identity Breach Report’s findings demonstrate that enterprises need to increase their identity and access management maturity. The secret is democratizing data control so organizations can allow known users to hop onto authentication ‘express lanes’ for a great experience, entrusting them with convenient consent options, and make bad actors jump through extra hoops to help prevent fraud.”

Based on data gathered so far, 2020 is set to outpace 2019 in terms of records breached, despite the fact that the number of breaches declined by 57 percent. There have been 92 data breaches affecting 1.6 billion records in Q1 2020 alone, almost nine percent more records than in Q1 of 2019. Perhaps unsurprisingly medical records are the most sought-after type of PII in Q1 2020, accounting for 25 percent of all exposed data.

You can get the full report from the ForgeRock site.