2008 Breach Report Now Out

On Monday, 1/5/09, the Identity Theft Resource Center (ITRC) came out with their Breach Report for 2008:

(http://www.idtheftcenter.org/BreachPDF/ITRC_Breach_Report_2008_final.pdf).

Reports of data breaches increased dramatically over 2007. There were 656 major breaches with 35,691,255 people exposed as a result of these breaches (although the number of breaches do not reflect the actual number of companies affected). To qualify as a breach, identifying information that could lead to identity theft such as a person’s social security number, must have been exposed at the time of breach.

What is most scary is that only 2.4% of all the breaches had encryption or other strong protection methods in use. In fact, only 8.5% of the reported breaches even had password protection. Obviously, most of the breached data was unprotected. I wonder what the statistics would look like if companies took a wee bit of time to actually protect their information. Doing so would certainly mitigate their damages (not only monetary but possible jail time as well) for breaches of information. Check out the link to the right for ITRC’s website.

For further information about how to protect your business, be in compliance with the identity theft laws or need training, please feel free to contact us at info(a)identitytheftforum.net.