Digital Thieves Dominate Data Breaches
Theft by hacking is now the top cause of companies' reported data losses, but a few steps can mitigate the damage.
Erik Larkin, PC World Monday, March 01, 2010 06:01 PM PST
For the first time, hackers have become the biggest cause behind publicly reported data breaches, according to a recent report.
The Identity Theft Resource Center began tracking the cause of reported breaches three years ago. For the past two years, the top cause was what the ITRC calls "data on the move"--typically a lost laptop with unencrypted data, or even a lost briefcase. That changed in 2009, when about one out of every five data breaches had a hacker behind it.
Why does this matter? A thief who walks away with a laptop is likely more interested in wiping its hard drive and selling it than in selling its data. But a hacker who invades a company's network and swipes a trove of credit card numbers is sure to use them, or sell them to someone else who will.
The ITRC notes that its study is based only on reported breaches. Because state laws and policies vary, not all breaches or their causes are reported. The number of data breaches dropped from 657 in2008 to 498 in 2009 (in 2007, there were 446). But the while the total number of breaches dropped, the number of hacker-launched thefts rose. And that's bad news.
The upshot? As security gurus I talk to like to put it, assume that your information has been compromised, and be ready to catch it when it's used.