Latest news
The past year has seen a substantial uptick in the amount of total records breached. In 2012, there was a dramatic increase in the total number of reported records affected (1,977,412), but a relatively low amount of institutions (51) that reported breaches. In fact, the past year has seen the most reported compromised records in the higher education sector since 2006, based on data since tracking began in 2005.
The unwanted distinction of suffering the largest reported data breach in 2012 by a U.S.-based institution of higher learning came from the University of Nebraska, which reported a breach of 654,000 records on May 25, 2012. Rounding out the 2012 Higher Education Data Breach Madness “Final Four” were the University of North Carolina (350,000), Arizona State University (300,000) and Northwest Florida State College (279,000).
The University of Nebraska became the 25th higher education institution since 2005 to report a data breach in excess of 100,000 records. In fact, all four institutions in the 2012 “Final Four” eclipsed 100,000 stolen records, which is a first since 2009.
According to the Ponemon Institute’s most recent "Annual Study: U.S. Cost of a Data Breach" (March 2012), the findings showed that the average cost to organizations per compromised record was $194, though in the education vertical the average cost was far lower at $142 per record. However, based on the lower education average, the University of Nebraska data breach could cost the university over $92 million.
The "winner" of last year’s ‘Madness’ was Virginia Commonwealth University (VCU), which suffered a breach consisting of a reported 176,567 compromised records. In 2011, there was a substantial dip in reported breaches (48) and compromised records (478,490). UCLA still holds the record with 800,000 compromised records, reported in 2006.
“When we look back at the higher education data breaches in 2012, we can see that the hackers are clearly getting smarter at stealing data,” states Alex Rothacker, Director of Security Research, AppSecInc’s TeamSHATTER. “The reported breaches remain on the low side, yet the stolen data is over three times what we saw in 2011.”
Based on publicly reported data breaches compiled by Privacy Rights Clearinghouse, the Data Breach Madness bracket’s reflected outcome is specific to the total number of records breached at each higher education institution. The larger the breach, the further each institution went on in the "tournament", until an eventual "champion" was crowned.
Spotlight
Review: Logging and Log Management
Posted on 22 May 2013. | Every security practitioner should be aware of the overwhelming advantages of logging and perusing logs for discovering system intrusions. But logging and log management comes with its own set of difficulties.
Experts highlight top data breach vulnerabilities
Posted on 22 May 2013. | Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker.
A closer look at Mega cloud storage
Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
