Computerworld

Data breaches rose sharply in 2008, says study

More than 35 million data records were breached in 2008, according to the Identity Theft Resource Center.
Tags | data breach

More than 35 million data records were breached in 2008 in the U.S., a figure that underscores continuing difficulties in securing information, according to the Identity Theft Resource Center (ITRC).

The majority of the lost data was neither encrypted nor protected by a password, according to the ITRC's report.

It documents 656 breaches in 2008 from a range of well-known U.S. companies and government entities, compared to 446 breaches in 2007, a 47 percent increase. Information about the breaches was collected by tracking media reports and the disclosures companies are required to make by law.

Data breach notification laws vary by state. Some companies do not reveal the number of data records that have been affected, which means the actual number of data breaches is likely much more than 35 million.

"More companies are revealing that they have had a data breach, either due to laws or public pressure," the ITRC wrote on its Web site. "Our sense is that two things are happening -- the criminal population is stealing more data from companies and that we are hearing more about the breaches."

The data breaches came from a variety of mishaps, including theft of laptops, hacking, employees improperly handling data, accidental disclosure and problems with subcontractors.

BNY Mellon Shareowner Services, an investment bank based in New Jersey, reported the highest number of breached records: 12.5 million. A box of computer tapes containing names, Social Security and account numbers was lost in February 2008. A lock on the truck transporting the tapes was broken, and the truck had been left unattended, according to news reports. The tapes were not encrypted.

The business community had the most breaches, comprising more than a third of the 656 breaches, ITRC said. Government and military organizations came in at 16.8 percent, the second-highest tally. However, that's an improvement over 2006, when that sector comprised nearly 30 percent of all reported data breaches, the center said.

Some 15.7 percent of all breaches were attributed to insider theft, a figure that more than doubled between 2007 and 2008, ITRC said.

More about: Mellon, Rose
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Recent Discussions
Whitepapers
All whitepapers
tracking pixel
 
Computerworld Community Comments
Most Popular Whitepapers
Zones
SAS Resource Centre

This Resource Centre hosts a wealth of thought leadership articles, whitepapers, and success videos, to help you make the most out of your corporate information in order to swiftly make sound business decisions to survive and thrive in the current economic climate.

Oracle Resource Centre

News, Features and the latest whitepapers on SOA, Application Grid, Enterprise Management and Database

Sponsored Links
 
Back to top Sitemap

Sections

Verticals

Zones

  • SAS Resource Centre

    This Resource Centre hosts a wealth of thought leadership articles, whitepapers, and success videos, to help you make the most out of your corporate information in order to swiftly make sound business decisions to survive and thrive in the current economic climate.

  • Oracle Resource Centre

    News, Features and the latest whitepapers on SOA, Application Grid, Enterprise Management and Database

Popular Whitepaper Tags

Resources

Jobs

Services

IDG Websites

Copyright 2009 IDG Communications. ABN 14 001 592 650. All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.