by Ondrej Krehel
The nonprofit (ITRC) recently released a report on data breaches in 2010 that is well worth considering.
The center documented 662 reported breaches, yet this is likely only a fraction of the total breaches that happened last year. Their list comes from a compilation of other studies and breaches reported by “the media and a few progressive state websites.” Most data breaches, many believe, are either not reported or underreported.
[Related: The Cyber World We Live In]
Still, the study found:
Another independent source of reported data breaches can also be found at .
stands as an excellent snapshot of what’s happening in the industry and, if anything, the need for transparency and legislative measures in data breach reporting. Businesses need to be encouraged not to add insult to injury after a data breach. By guarding the details of a breach—or even hiding the fact that one occurred—rather than sharing the forensics information gathered after the fact, companies are doing a disservice to their peers and customers.
Ondrej has more than a decade of network and computer security experience. His expertise extends to investigations of intellectual property theft, massive deletions, defragmentation, anti-money laundering and computer hacking. He led U.S. computer security projects at Stroz Friedberg and worked in IT security at Loews Corp.