Human errors account for most data breaches, report finds
For all the stock we put in computers these days, it’s user error that often gets us in the most trouble.
That’s the conclusion from the nonprofit Identity Theft Resource Center. It’s wrap-up of 2008 data breaches found that human errors — losing a laptop with sensitive data, sending a CD of data to the wrong address — accounted for most of the data breaches last year.
From its latest report:
Sadly, these trends continue to plague companies and government alike, despite education on safer information handling, new laws and regulations. Mal-attacks, hacking and insider theft, account for 29.6% of those breaches that reported the causal factor. Insider theft, now at 15.7%, has more than doubled between 2007 and 2008. On the other hand, data on the move and accidental exposure, both human error categories, showed noteworthy improvement, but still account for 35.2% of those breaches that indicate cause.
Here in Oklahoma, there are two laws on the books governing data breaches. The first, to do with government agencies, went into effect in 2006. The second, dealing with private businesses, was passed in the last Legislature and went into effect in November.
You can read the ITRC’s entire report here in PDF format. The list shows nine Oklahoma-related data breaches last year, including several businesses and government agencies.
Finally, a tip of the hat to the Washington Post, which has a story on the ITRC report here.
–Paul
If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Comments
No comments yet.
Leave a comment