Data breaches rose sharply in 2008, study says
Most of the lost data was neither encrypted nor password-protected
IDG News Service - More than 35 million data records were breached in 2008 in the U.S., a figure that underscores continuing difficulties in securing information, according to the Identity Theft Resource Center (ITRC).
The majority of the lost data was neither encrypted nor protected by a password, according to the ITRC's report.
It documents 656 breaches in 2008 from a range of well-known U.S. companies and government entities, compared to 446 breaches in 2007, a 47% increase. Information about the breaches was collected by tracking media reports and the disclosures companies are required to make by law.
Data breach notification laws vary by state. Some companies do not reveal the number of data records that have been affected, which means the actual number of data breaches is likely much more than 35 million.
"More companies are revealing that they have had a data breach, either due to laws or public pressure," the ITRC wrote on its Web site. "Our sense is that two things are happening -- the criminal population is stealing more data from companies and that we are hearing more about the breaches."
The data breaches came from a variety of mishaps, including theft of laptops, hacking, employees improperly handling data, accidental disclosure and problems with subcontractors.
BNY Mellon Shareowner Services, an investment bank in New Jersey, reported the highest number of breached records: 12.5 million. A box of computer tapes containing names, Social Security and account numbers was lost in February 2008. A lock on the truck transporting the tapes was broken, and the truck had been left unattended, according to news reports. The tapes were not encrypted.
The business community had the most breaches, comprising more than a third of the 656 breaches, ITRC said. Government and military organizations came in at 16.8%, the second-highest tally. However, that's an improvement over 2006, when that sector comprised nearly 30% of all reported data breaches, the center said.
Some 15.7% of all breaches were attributed to insider theft, a figure that more than doubled between 2007 and 2008, ITRC said.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast Best Practices: How to Improve Business Continuity with Virtualization VMware solutions include a range of business continuity capabilities to help ensure availability for applications across your virtualized environment. Learn More>>
- Live Webcast
Transforming Finance, Procurement and Supply Chain Effectiveness with Cross-Functional Analytics
Date: May 6th, 2014
Time: 1 PM EDT
Attend this Webcast to find out how Oracle's packaged analytic applications enable line-of-business managers to examine all...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...