Study Says Data Breaches On The Rise

from the if-it-hasn't-happened-to-you,-it-will dept

It's hardly surprising to hear that a new study claims that data breaches are on the rise, with the number of incidents picking up steam in 2008. Sadly, news of "the biggest ever data leak" seems to have become a regular occurrence, and is seen just as part of the normal course of business these days. Part of the problem is that the penalties companies pay for the leaks don't ever amount to much, what with toothless punishment from regulatory bodies and relatively small fines. Most companies just offer some free credit-report monitoring to those affected, maybe have a "special" sale, and move on. While other studies say the cost of breaches is rising, it's still low enough that, apparently, it's an acceptable cost of business, and makes the cost of better prevention unappealing. Still, this isn't wholly a technical problem: human error remains an enormous threat, with "insider negligence" blamed in one study for 88 percent of data breaches.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: data breaches


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 5 Feb 2009 @ 5:53pm

    Corporate Indifference

    "an acceptable cost of business"

    It's not acceptable to me, because ultimately the consumer is the one paying for their negligence.

    They have no reason to care.

    link to this | view in chronology ]

  • identicon
    Bear, 5 Feb 2009 @ 6:41pm

    Definitely not acceptable to me...

    ...since I'm the CTO. Everything that has to do with IT is my responsibility.

    link to this | view in chronology ]

  • identicon
    TW Burger, 5 Feb 2009 @ 6:49pm

    Attitude is Everything

    I write security software for a large retailer and everything here is built for as much security as is practically possible.

    However, I can attest that the biggest threat to data security is not a not so thoroughly parsed parameter or a port in a fire wall that is left open, it is, as stated, insider negligence. Plain corruption may account for some problems but the bulk of the issues are crappy passwords (ironically my experience is that the more access a user has due to seniority and position the worse the password choice), leaving computers unattended, not wiping discarded hard drives, and not shredding papers that contain sensitive data.

    link to this | view in chronology ]

  • identicon
    Rich Kulawiec, 6 Feb 2009 @ 4:18am

    Imprisonment and confiscation for Cxx-level officers

    The fix for this is precisely the same as that for other abuses which are either perpetuated or tolerated by Cxx-level officers of other companies (e.g., financial fraud): imprisonment and confiscation of all personal assets. I'm sure we could release any number of casualties of well-known failure called "The War on Drugs" in order to make room for them, and their own assets should be spent on paying for their confinement. Perhaps the prospect of sharing a cellblock with the executives of Citibank and TJ Maxx -- as well as some hardened criminals, let's make sure they're mixed in -- would cause these selfish, arrogant, worthless jerks to think about the consequences of their own greed before indulging it.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Feb 2009 @ 8:09am

    The total cost to an organization that has a data breach is vastly under reported. The big problem is that most companies don't realize this until it has happened to them.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.