Data Breaches Rose Sharply In 2008 - Slashdot

Follow Slashdot stories on Twitter

×

Data Breaches Rose Sharply In 2008 43

Posted by CmdrTaco on Wednesday January 07, 2009 @12:44PM from the my-password-is-p4ssw0rd dept.

snydeq writes "According to the Identity Theft Resource Center, more than 35 million data records were breached in the US in 2008. Tracking media reports and disclosures companies are required to make by law, the ITRC noted a 47 percent increase in breaches last year at a range of well-known US companies and government entities. The majority of the lost data was neither encrypted nor protected by a password. A third of the breaches occurred at business entities. One in six breaches were attributed to insider theft, a figure that more than doubled between 2007 and 2008, ITRC said."

This discussion has been archived. No new comments can be posted.

Data Breaches Rose Sharply In 2008

Search 43 Comments Log In/Create an Account

Comments Filter:

Harsher Consequences? (Score:4, Interesting)

by kudokatz ( 1110689 ) writes: on Wednesday January 07, 2009 @01:13PM (#26359417)

This is just more evidence of what is already widely known: people are generally lax about security matters. What we really need is some way of getting the point across that things like reasonable passwords are turning into a necessity of every-day life.
Both the twitter and Palin e-mail "hackers" just guessed passwords or researched PII to get in. This also shows we definitely need some better form of authentication, and that authorization policies inside organizations should be more paranoid. Of course I'm still lost as to alternatives to passwords, so perhaps people will just have to suck it up and put a bit of effort into it.
There are always the trade-offs between effort and the value of what one is protecting. If the public finds these data breaches unacceptable, why not make the consequences more serious so that from a business standpoint it is more worthwhile to spend on security? This may lead to corporations developing an atmosphere of security awareness, which will keep people actively thinking about important steps to take in typical day-to-day activities.

Share
twitter facebook
what is a breach of security and what is not? (Score:2, Interesting)

by Benjamin_Wright ( 1168679 ) writes: on Wednesday January 07, 2009 @01:25PM (#26359583) Homepage

Most all data in commercial and government systems are "exposed" or "compromised" to one degree or another virtually all the time. So it is not surprising that as we focus more attention on breaches, we discover an ever-growing number of breaches. Under the presenting thinking, the growth will never stop. Should each citizen therefore be mailed 100 breach notices every day? Legally and ethically speaking, we do not have a competent definition of what is and is not a meaningful security breach [blogspot.com]. The result is confusion and excessive anxiety on the part of data holders, data subjects, legal authorities and the media. Ben

Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

390 comments32-Hour Workweek for America Proposed by Senator Bernie Sanders
358 commentsWhat Should Happen to Empty Downtown Office Spaces?
340 commentsHacktivism Erupts In Response To Hamas-Israel War
324 comments'Feedback' Is Now Too Harsh. The New Word is 'Feedforward'
248 commentsWorkers are Resisting Calls to Return to Offices

"May your future be limited only by your dreams." -- Christa McAuliffe