Data breaches rose sharply in 2008

**Glaswegian** · 01-08-2009, 12:39 PM

There has been a sharp rise in the number of data breaches in 2008 according to a report by the Identity Theft Resource Center (ITRC).

More than 35 million data records were breached in 2008 in the United States, a figure that underscores continuing difficulties in securing information. The majority of the lost data was neither encrypted nor protected by a password, according to the ITRC's report.

It documents 656 breaches in 2008 from a range of well-known US companies and government entities, compared to 446 breaches in 2007, a 47 percent increase. Information about the breaches was collected by tracking media reports and the disclosures companies are required to make by law.

Data breach notification laws vary by state. Some companies do not reveal the number of data records that have been affected, which means the actual number of data breaches is likely much more than 35 million.

"More companies are revealing that they have had a data breach, either due to laws or public pressure," the ITRC wrote on its website. "Our sense is that two things are happening - the criminal population is stealing more data from companies and that we are hearing more about the breaches."

The data breaches came from a variety of mishaps, including theft of laptops, hacking, employees improperly handling data, accidental disclosure and problems with subcontractors.

http://www.techworld.com/security/ne...&NewsID=109206

01-08-2009, 12:39 PM	#1 (permalink)
Glaswegian Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic Join Date: Sep 2005 Location: Glasgow Posts: 23,940 OS: Win XP Pro SP3 / Win 7 RC My System Blog Entries: 10	Data breaches rose sharply in 2008 There has been a sharp rise in the number of data breaches in 2008 according to a report by the Identity Theft Resource Center (ITRC). More than 35 million data records were breached in 2008 in the United States, a figure that underscores continuing difficulties in securing information. The majority of the lost data was neither encrypted nor protected by a password, according to the ITRC's report. It documents 656 breaches in 2008 from a range of well-known US companies and government entities, compared to 446 breaches in 2007, a 47 percent increase. Information about the breaches was collected by tracking media reports and the disclosures companies are required to make by law. Data breach notification laws vary by state. Some companies do not reveal the number of data records that have been affected, which means the actual number of data breaches is likely much more than 35 million. "More companies are revealing that they have had a data breach, either due to laws or public pressure," the ITRC wrote on its website. "Our sense is that two things are happening - the criminal population is stealing more data from companies and that we are hearing more about the breaches." The data breaches came from a variety of mishaps, including theft of laptops, hacking, employees improperly handling data, accidental disclosure and problems with subcontractors. http://www.techworld.com/security/ne...&NewsID=109206 __________________ Iain - Defender of the Haggis and all things Scottish. I don't help by PM - post in the Forums. Ad-Aware::SpywareBlaster::SpyBot::SpywareGuard::SnoopFree::AVG Free::HOSTS File::HijackThis::Donate::Photographers Corner