Zero Fraud Liability

Posted on Monday, 9th January 2012 by Archie Norton

When it comes to data breaches, how does 2011 compare with previous years? A new report from the Privacy Rights Clearinghouse (PRC) notes 535 breaches during 2011, involving 30.4 million sensitive records. But thats just a conservative estimate, since not all data breaches see the light of day. Because many states do not require companies to report data breaches to a central clearinghouse, data breaches occur that we never hear about, said PRC director Beth Givens in the report.

Even so, 2011 saw some of the biggest or most significant breaches in history, PRC says:

1. Sony. Sony suffered over a dozen data breaches, stemming from attacks that compromised Sony PlayStation Network, Sony Online Entertainment, and Sony Pictures, among other Sony-owned websites.

Read more…

Tags: 2011, Data Breaches
No Comments »

Posted on Thursday, 17th February 2011 by Archie Norton

According to the Identity Theft Resource Center, there were at least 662 data breaches in 2010, which exposed more than 16 million records. Nearly two-thirds of breaches exposed Social Security numbers, and 26% involved credit or debit card data.

The ITRC elaborated, “Other than breaches reported by the media and a few progressive state websites, there is little or no information available on many data breach events that occur. It is clear that without a mandatory national reporting requirement, many data breaches will continue to be unreported, or under-reported.”

The majority of these attacks were malicious hacks or insider theft, rather than the result of employee errors. InformationWeek reports, “Some states, but not all, have data breach notification laws, which require any organization that suffers a breach to notify that state’s affected residents. Interes

Read more…

Tags: Breaches, Data Breaches
No Comments »

Posted on Wednesday, 12th January 2011 by Nate Sawers

There were 662 data breaches in the United States in 2010, almost a 33 percent increase from 2009 according to a report by the Identity Theft Resource Center (ITRC).   The 662 data breaches exposed a total of 16,167,542 records. It’s a seemingly staggering number, though the ITRC adamantly states in a press release that the statistic may in fact be drastically low.

The actual number is considerably higher because current regulations in the United States don’t require all data breaches to be disclosed, the group said. “Other than breaches reported by the media and a few progressive state Websites, there is little or no information available on many data breach events,” said the ITRC.

The Identity Theft Resource Center defines a breach as any event that potentially puts a person’s name, Social Security number, drivers license number, medical record or financial record (credit or debit card) potentially at risk either in electronic or paper format.

The 2010 report clearly shows that some companies listed the exact number of documents exposed in their incidents.

Other breaches, however, were not as transparent. Nearly half

Read more…

Tags: 2010, Data Breaches
No Comments »

Posted on Tuesday, 9th November 2010 by Nate Sawers

According to a new study hospitals are struggling to protect patient information and data breaches cost the health care industry $6 billion annually.

The survey conducted by the Ponemon Institute included 65 health care organizations.   Of the 65 surveyed, an alarming 60 percent of respondents said they have suffered more than two breaches in the past two years.

The top three causes of breaches were unintentional employee action, lost or stolen computing devices and third-party accidents. The average number of lost or stolen records per breach was 1,769.

The survey found that breaches have cost the U.S. health care system $12 billion over the past two years. T

Read more…

Tags: Billion, Breaches Cost, Data Breaches, Data Breaches Cost
No Comments »

Posted on Sunday, 22nd November 2009 by Admin

Since the HITECH Act data breach notification provisions became effective this past September 23, 2009, I’d recently become curious about the number and nature of data breaches that would start to appear on the website at the Department of Health and Human Services (HHS).

The HHS Rules require healthcare organizations (specifically HIPAA covered entities) to report to HHS any data breach incidents that have affected over 500 individuals, shortly after the breach is discovered.  I noticed that the Identity Theft Resource Center (ITRC) 2009 ITRC Breach Report, a terrific compendium of public information from numerous sources on data breach incidents, had captured numerous healthcare data breaches since the September 23rd effective date. An

Read more…

Tags: Breaches, Data Breaches
No Comments »

Posted on Friday, 6th November 2009 by Admin

Hurray, another end of the year list. This one though (from Bank Info Security) is not reviewing the top movies, songs, celebrities but, the miserable failures in data security of 2008. With nine more days until the end of 2008, this post could be pre-mature. Data breach threats show no regard for end of the year holiday parties and frivolities.

The data breach incidents of 2008 include the old stand-bys of lost tapes and data due to mistake and theft but also reveals an increased use of break in technologies to steal information from data bases. Numerous “hacking” incidences and infected computer systems not only resulted in millions of dollars in cost to businesses but exposed large numbers of consumers to fraud. Stolen data has to go some where and can be held in reserve for use at a later time, possibly changing hands often before reaching a perpetrator. Data is a commodity. Aft Read more…

Tags: Data, Data Breaches
No Comments »