Verizon Business’ just-released an analysis of 1,152 data breaches that occurred in 2008, and found that 285,000,000 records were compromised as a result of security lapses. Kind of makes mail shredding seem like a quaint notion, doesn’t it?
As is the raw numbers weren’t bad enough, the Data Breach Investigations Report provides insight into the causes of the breaches. Alarmingly, 64% of the data breaches resulted from hacking; 40% of those attacks were traced to Eastern Europe and East Asia.
Even more alarming is the finding that 67% of all the analyzed breaches were “aided by significant errors.” In this case, it’s fair to blame the victims, given that 81% of them were not compliant with the Payment Card Industry Data Security Standard (PCI DSS). Chief among the ways corporations aided and abetted the enemy was by failing to employ patches available for more than a year at the time of attack.
Despite their abhorrent neglect to adequately protect consumers’ personal and financial information, whenever the powers that be deign to notify their clients and customers of data breaches, they all say the same thing: At Corporation X protecting your security is our top priority. We deeply regret this incident, and are working busily to make sure it never happens again.”
Don’t believe it for a minute. The analysts at Verizon Business also found that 20% of the victims had more than one data breach in the same year. And, though it’s clear cyber attacks have become increasingly sophisticated, more than half of the total data breaches were determined to have required little or no special skills or resources.
3 Comments
“aided by significant errors”? Idiocy is more like it!
And the US population is 306 million — including children. I think some of us got hit more than once.
Thanks much for post. It is really informative stuff.
I love to read http://www.id-theft-security.com!