This year, more than 72 million records containing Social Security and credit card numbers, birth dates and other personal data will be exposed to unauthorized users in the U.S., according to a study by researchers at the University of Washington in Seattle.
And, the researchers said, the main culprit isn’t the oft-vilified malicious hacker. Instead, they blamed snafus inside companies as the biggest cause of data breaches.
That conclusion was based on a review of 550 security breaches that were reported in major U.S. news outlets between 1980 and last year. The goal was to examine the role that organizational behavior plays in privacy violations.
The study found that 61% of the incidents involved internal foul-ups, such as accidentally putting personal information online or losing track of backup tapes and other equipment.
In contrast, 31% of the breaches were perpetrated by external hackers, said Philip Howard, an assistant professor of communication at the University of Washington and a co-author of the report. The remainder of the breaches had unspecified causes, he added.