FROM WASHINGTONPOST.COM
Data Breaches Hit 8.3 Million Records in First Quarter
|
TOOLBOX
   Resize
COMMENT
 Discussion Policy
 CLOSE
Comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions. You are fully responsible for the content that you post.
Who's Blogging  |
At least 8.3 million personal and financial records of consumers were potentially compromised by data breaches at businesses, universities and government agencies in the first quarter of 2008, according to statistics released yesterday.
The Identity Theft Resource Center in San Diego said it tracked public reports of 167 data breaches in the first three months of this year. The center recorded 448 incidents in 2007.
Roughly 4.2 million of the breached records were the result of digital intrusions at the Hannaford supermarket chain, disclosed last month.
Overall, businesses were responsible for about 36 percent of the breaches, followed by schools and universities (25 percent), government and military (18 percent), medical/health care (14 percent), and banking and financial institutions (7 percent).
Only about 13 percent of the breaches were the result of hacker break-ins.
Most of the data breaches in the first quarter appear to have resulted from lost or stolen laptops, hard drives or thumb drives. Insider access and the inadvertent posting of sensitive data to a Web site or through e-mail were also frequently cited reasons for breaches, according to the report.
In about 40 percent of the 167 incidents detailed in the report, however, the organizations involved have not disclosed how many records might have been compromised or how many consumers might be affected.
Linda Foley, the Resource Center's founder, said it's unclear whether the increase in incidents this year can be attributed to a greater number of breaches, or the fact that a greater number of states have laws mandating data breach disclosures, or a combination of the two. Nationwide, 39 states and the District of Columbia have laws on the books requiring organizations to notify consumers of a data breach that jeopardizes their personal or financial data.
"The question of why we are hearing more about data breaches is going to take us a couple of more years to sort out," Foley said. "I think, perhaps in addition to the state [disclosure laws], companies are urged on a bit by the fear of the media taking the story and releasing it rather than the companies themselves getting a chance to the spin the news."
-- Brian Krebs
washingtonpost.com staff writer
For more from the Security Fix blog, visithttp:/
