US Data Breaches Have Surpassed Level For All 2007, Report Finds
The Identity Theft Resource Center (ITRC) released its updated 2008 US report (Report) which indicates that so far, 2008 has seen more data breaches than all of 2007. The ITRC found that as of August 22nd, the number of confirmed data breaches in 2008 stood at 449, surpassing 2007’s 446 breaches. To qualify as an ITRC data breach, each breach must include the unauthorized release of personal identifying information that could lead to identity theft.
According to the Report, the 2008 breaches have involved at least 22 million consumer records. The categorization of breaches by industry sector was: 37% for “Business”, 20.3% for “Educational”, 15.6% for “Medical/Healthcare”, 15.4% for “Government/Military” and 11.6% for “Banking/Credit/Financial”.
The causes for the data breaches were reported as follows: 12.9% were attributed to hacking, customer data theft by company employees accounted for 15.6% and lost laptops and other digital media containing consumer data comprised 21% of the breaches. Fourteen percent involved the accidental publishing or dissemination of sensitive consumer data, while breaches attributed to subcontractors made up 11%.
Although ITRC is unsure why there have been more breaches this year, it suspects that, in part, the increase could be a result of better reporting of incidents. Interviewed by the Washington Post, one observer said that the spike in disclosures may be related to the recent arrest of several cyber criminals thought to be responsible for some of the most high-profile thefts of data.
For an article in the Washington Post, see:
For the ITRC home page and the Report, visit:
http://www.idtheftcenter.org/; and
Summary by: Oren Weichenberg
