Malicious Attacks Most Blamed in '09 Data Breaches
Rogue employees and hackers were the most commonly cited sources of data breaches reported during the first half of 2009, according to figures released this week by the Identity Theft Resource Center, a San Diego based nonprofit.
The ID Theft Center found that of the roughly 250 data breaches publicly reported in the United States between Jan. 1 and Jun. 12, victims blamed the largest share of incidents on theft by employees (18.4 percent) and hacking (18 percent). Taken together, breaches attributed to these two types of malicious attacks have increased about 10 percent over the same period in 2008.
Some 44 states and the District of Columbia now have laws requiring entities that experience a breach to publicly disclose that fact. Yet, few breached entities report having done anything to safeguard data in the event that it is lost or stolen. The ITRC found only a single breach in the first half of 2009 in which the victim reported that the lost or stolen data was protected by encryption technology.
"It is a dual problem here undeterred by law or common sense," said ITRC co-founder Linda Foley. "You would think if all these organizations have to notify, that they would take some steps to make sure their data doesn't get exposed in the first place."
While the center found the overall number of breaches is down significantly from the same period last year (342), that doesn't mean that fewer businesses and consumers are being affected by data breaches (around 12 million so far this year). Foley said fewer than half of the entities that disclosed a breach so far this year disclosed how many total victims there were.
The center found that 14 percent of breaches this year were due to data contained on lost or stolen digital media, such as a laptop or USB thumb drive., while 11.6 percent of the breaches involved personal data that was inadvertently exposed or published.
Please join me today at 11 a.m. ET for Security Fix Live, when Yours Truly endeavors to answer your questions about all things tech, security and privacy related. If you can't join us then, drop a question in the hopper now. The transcript will be archived here.
June 19, 2009; 10:35 AM ET
Categories: Fraud , From the Bunker , New Patches | Tags: data breach 2009, id theft resource center
Save & Share: Previous: iPhone 3.0 Includes 46 Security Updates
Next: Web Fraud 2.0: Franchising Cyber Crime
Posted by: eiverson1 | June 22, 2009 3:22 PM | Report abuse
The comments to this entry are closed.