Theft of Personal Data More Than Triples This Year
December 11, 2007
From USA Today: Thieves are systematically pilfering sensitive personal data from companies, government agencies, colleges and hospitals like never before.
More than 162 million records have been reported lost or stolen in 2007, triple the 49.7 million that went missing in 2006, according to USA TODAY’s analysis of data losses reported over the past two years.
This year, news stories have been written about data losses disclosed by 98 companies, 85 schools, 80 government agencies and 39 hospitals and clinics, according to a database at tech security website Attrition.org.
When I was interviewed by Telemundo for their national news program recently, their first question was “why are we seeing this dramatic up tick in data theft?”. Here’s the quick explanation: Recently enacted data-loss-disclosure laws make disclosure obligatory, whereas before it was not. You can easily imagine why business would elect to keep quiet about such problems.
I also pointed out that stealing (or finding!) people’s personal data is profitable, easy, infrequently reported and punished, and finally, that the costs of identity theft are borne by the victim, not the businesses, organizations and governments who mismanage people’s personal data. Given these contributing factors, it’s hard to see how a criminal wouldn’t want to get in on this action: the risk of getting caught is low and the internet allows thieving to take place on a massive scale at a safe distance.
Bottom line: there’s currently little motivation for business, government and other organizations to be more careful with your personal data. Until it hurts them as much as it hurts you, it’s not likely to get better.
