Why tolerate any risk when it is absolutely avoidable?
Whether you know it or not, you have probably been a victim of cybercrime! In a 2009 study, 90% of respondents said their company experienced a computer security incident within the past 12 months. An amazing 340,242,628 records containing personal information has been lost or stolen since January 2005 and every three seconds another identity is stolen. In April 2009, President Obama stated “It’s been estimated that last year alone, cyber criminals stole intellectual property from businesses worldwide worth up to $1 trillion.”
Recent studies state that the average number of records compromised in a single incident is 431,077 and the average company cost of a data breach has risen to $194 per customer record. Symantec found that in 2011, the average 2011 cost per incident of a data breach in the United States was $5.5 million, and lost business amounted to an average of $3.01 million.
|Mar 2012||Mastercard/Visa||10 million records compromised – cost not determined|
|Jun 2011||Sony Pictures||Hackers obtained over one million Sony customer unencrypted passwords|
|Apr 2011||Sony||101.6 million records compromised; 12 million unencrypted credit card numbers|
|Apr 2011||WordPress||18 million records compromised; Data includes source code, API code, and social media passwords|
|Apr 2011||Texas Comptroller’s Office||3.5 million records compromised; Two class action lawsuits have been filed|
|Mar 2011||Health Net Inc., International Business Machines (IBM)||1.9 million records compromised; 9 disc drives containing sensitive health information missing from Health Net’s data center|
|Dec 2010||American Honda Motor||4.9 millions records compromised|
|Dec 2009||RBS Worldpay||$9 million stolen in a single day; Lawsuits filed|
|May 2009||Virginia Dept. of Health||$10,000,000 ransom demand & mailing individual notifications to 530,000 people|
More notable breaches:
- ChoicePoint settles data security breach charges; pays $10 million in civil penalties, $5 million for consumer redress. At least 800 cases of identity theft arose from company’s data breach.
- The TJX Companies Inc. experienced an “unauthorized intrusion” into its computer systems. TJX has reported the cost to date at approximately $250 million.
Why are we at risk of a data breach? Verizon in their 2009 Data Breach Report investigations, Verizon lists:
- 74% resulted from external sources
- 20% caused by insiders
- 32% implicated business partners
- 39% involved multiple parties
- 67% aided by significant errors
- 64% resulted from hacking
- 38% utilized malware
- 22% involved privilege misuse
Unauthorized access via default, shared, or stolen credentials constituted more than a third of the entire “hacking” category, and over half of all compromised records.