The Identity Theft Resource Centerís 2008 breach report
Posted on 07 January 2009.
Reports of data breaches increased dramatically in 2008. The Identity Theft Resource Centerís 2008 breach report reached 656 reported breaches at the end of 2008, reflecting an increase of 47% over last yearís total of 446. In terms of sub-divisions by type of entity, the rankings have not changed between 2007 and 2008 within the five groups that ITRC monitors.

The financial, banking and credit industries have remained the most proactive groups in terms of data protection over all three years. The Government/Military category has dropped nearly 50% since 2006, moving from the highest number of breaches to the third highest.

According to ITRC reports, only 2.4% of all breaches had encryption or other strong protection methods in use. Only 8.5% of reported breaches had password protection. It is obvious that the bulk of breached data was unprotected by either encryption or even passwords.

The ITRC tracks five categories of data loss methods: data on the move, accidental exposure, insider theft, subcontractors, and hacking. Subcontractor breaches, while counted as one breach each, in some cases affected dozens of companies. It is important to note that the number of breaches reported does not reflect the number of companies affected.

The ITRC breach list is a compilation of breaches confirmed by various media sources, notification lists from state governmental agencies. ITRC uses several websites to help search for verifiable breaches, such as databreaches.net, privacy.net, and www.datalossdb.org. To qualify breaches must include personal identifying information that could lead to identity theft, especially the loss of Social Security numbers.

Here is the 2008 Breach Report.†As an addition, you can also check out 2008 Breach Stats Report,† which includes the percentages for each entity category (business, financial/credit, educational, governmental/military and health care).





Spotlight

Free security software identifies cloud vulnerabilities

Posted on 21 October 2104.  |  Designed for IT and security professionals, the service gives a view of the data exchanged with partner and cloud applications beyond the network firewall. Completely passive, it runs on non-production systems, and does not require firewall changes.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Oct 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //