by Ondrej Krehel
The nonprofit (ITRC) recently released a report on data breaches in 2010 that is well worth considering.
The center documented 662 reported breaches, yet this is likely only a fraction of the total breaches that happened last year. Their list comes from a compilation of other studies and breaches reported by “the media and a few progressive state websites.” Most data breaches, many believe, are either not reported or underreported.
[Related: The Cyber World We Live In]
Still, the study found:
- Despite this digital world around us, paper breaches account for nearly 20 percent of known breaches. “There is generally no mandatory reporting requirement for paper breaches,” the report notes.
- Hacker attacks account for 17.1 percent of breaches, compared to 15.4 percent from insider theft.
- Almost 40 percent of the reported breaches did not specify how the data was exposed. “This indicates a clear lack of transparency and full reporting to the public,” the report states.
- Social Security numbers were exposed in 412 breaches—62 percent of all breaches.
- 170 breaches, or 26 percent, involved .
Another independent source of reported data breaches can also be found at .
stands as an excellent snapshot of what’s happening in the industry and, if anything, the need for transparency and legislative measures in data breach reporting. Businesses need to be encouraged not to add insult to injury after a data breach. By guarding the details of a breach—or even hiding the fact that one occurred—rather than sharing the forensics information gathered after the fact, companies are doing a disservice to their peers and customers.
Ondrej Krehel, Chief Information Security Officer,
Ondrej has more than a decade of network and computer security experience. His expertise extends to investigations of intellectual property theft, massive deletions, defragmentation, anti-money laundering and computer hacking. He led U.S. computer security projects at Stroz Friedberg and worked in IT security at Loews Corp.
Leave a Reply
Identity Theft 911 is the nation’s premier consultative provider of identity and data risk management, resolution and education services. To learn more, visit .
Categories
- Adam Levin (12)
- Betty Chan-Bauza (1)
- Brian McGinley (11)
- Child Identity Theft (8)
- Data Breach (29)
- Debt Tagging (2)
- Digital Forensics (4)
- Eduard Goodman (14)
- Hacking/Viruses (29)
- Identity Protection (31)
- Identity Theft (34)
- Industry Data & News (51)
- Internet Safety (18)
- Matt Cullina (8)
- Media (1)
- Mobile Security (12)
- Ondrej Krehel (41)
- Podcast (8)
- Privacy (24)
- Security (35)
- Social Media (9)
- Tax Fraud (2)
- Uncategorized (1)
- Victor Searcy (1)
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010