February 25, 2008
Research carried out with 21 companies in the UK has revealed that the average cost of a data security breach in 2007 was £1.4 ($2.75 US) million. That equates to around £47 ($92 US) for every single record stolen or exposed.
Companies in the financial sector, which are at a higher risk of a breach, have a cost per stolen record of £55.
The Ponemon Institute, which conducted the research, estimates customer churn rates to go up by an average of 2.5 per cent after a data loss, but the worst example in the UK saw churn rates go up by seven per cent. The size of the losses examined ranged from 2,500 records to more than 125,000 and costs ranged from £84,000 to £3.8m.
January 28, 2008
Buckinghamshire Hospitals NHS Trust has suspended some methods of sending data after admitting the details of patients and staff had been copied to removable media such as CDs without encryption. The security clampdown comes after the trust reviewed more than 30 bulk transfers (50 records or more) of data.
The trust acknowledges in a report that “there is no single security measure that can be adopted to ensure that adequate control is assured”.
December 17, 2007
CSOOnline.com has released its top ten security breaches of 2007, which makes for slightly funny, hugely scary reading:
10. Monster.com and its 1.3 million customers
9. Commerce Bank of Wichita and the alleged security breach PR scam
8. Indianapolis Power and Light and 3,000 customer names, social security numbers etc
7. TSA and the case of the missing laptops
6. Shaw’s Supermarket and the social security passwords
5. Swedish Urology Group and the hard drives containing personal information (excuse the pun)
4. The Nature Conservancy and the polluted websites
3. TSA (part II), another 100,000 records lost
2. HM Revenue and Customs, 25 million records ‘in the mail’
1. TJX Maxx. No need to say more…
Get the full low-down on csoonline.com
October 26, 2007
When it comes to security fears, a new survey suggests that only a terrorist attack causes more concern than misuse of an individual’s personal data. According to the research, UK citizens are more worried about having their credit card details exposed or identities stolen than they are about being mugged or attacked.
October 9, 2007
A cross-party group of UK politicians has called for an identity theft ‘czar’ to take a central role in liaising between the Government, police and private sector organizations.
The committee also want to see an increased focus from the police as well as a Government-backed campaign on raising awareness of the risks of identity theft. Despite recent concerns over the role social networking sites have in facilitating ID theft, the UK Members of Parliament (MPs) suggested that sites like Facebook might be a good medium to help get the message across to target groups such as young adults.
According to a report from the BBC, identity theft is believed to have caused the UK economy £1.7bn ($3.4bn) last year.
However, WatchYourEnd believes that there is still not enough focus on organizations to protect the personal information held on their networks. It is vitally important that consumers learn to properly destroy credit card receipts, statements etc - but also critical that organizations which hold our data do not leave gaping holes in the network security.
