Data Loss Database
The Open Security Foundation tracks loss of data and provides statistics on security breaches on the Internet. The foundation has established the DataLoss Database, a free and open resource for the collection and dissemination of data loss incidents. This project should help individuals, organizations or businesses properly detect and protect against security risks.
Most of the incident reports occurred due to malware, hacked websites or stolen data. Other incidents occur due to negligence or error by employees. In the next section of this article, we’ll cover in-depth the types of breaches that affected people and businesses most.
Statistics on Security Breaches: Data Type
The personal identity information that was most affected by loss of private data is as follows:
- Name and Addresses – Hacked websites, stolen drives or computers and leaked or exposed information using online service are the main causes of security breaches concerning the names and addresses of people or organizations. 34% of security breaches on the Internet have involved names and addresses.
- Social Security Numbers – 29% of security breach reports involved Social Security Numbers (SSN).
Other personal identity data that was affected includes: dates of birth, credit card numbers and medical information.
Statistics of Affected Data Type
The Open Security Foundation collected information on 450 incidents during 2010, while this year has 94 incidents already. Hundreds, thousands or millions of people may have already been impacted by these incidents. Below are examples of the recent incidents along with the number and type of data lost. Please click on the hyperlink to find out which company or website was affected.
- 970 credit card numbers and their expiration dates were accessed after a malware infection of an online site used to purchase park passes. The incident occurred on March 24, 2011.
- 200 employees’ names, addresses, dates of birth and national insurance numbers were sent to a member, in error. This incident occurred on March 23, 2011.
- 400,000 email addresses were exposed due to a website hack.
- 130,000,000 credit card numbers was compromised 2 years ago, which still holds the record for the largest security breach on the Internet.
Causes of Security Breaches
The statistics on security breaches on the Internet show that malware infection, hacking, fraud and improper disposal of equipment incidents are the main causes of data or private identification information lost.
It is important for people and business to prevent and protect their private and sensitive data by encrypting data on all computers, using secure connections, using an up-to-date application or computer, using strong passwords and enforcing the idea of least privilege accounts. It’s also recommended to audit the computer’s security status e.g. by using Microsoft Baseline Security Analyzer (MBSA) or Microsoft Security Assessment Tool (MSAT).
People and businesses should be aware of what’s going on, so that they can prevent it from happening to them too. Subscribe to mailing lists, or read the latest incident reports to be notified of security breaches with which your personal information may be associated. Also, check out this review of Identity Finder 5.0, that should help you secure your personal identification information (PII).
- Screenshots and information taken from DataLossDB.org and Microsoft Security Incident Report websites.