DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Breach reports decline in 2009, but what does it mean?

Posted on December 31, 2009 by Dissent

As of today’s date, breach compilations by both the Identity Theft Resource Center and Open Security Foundation indicate that there were fewer breach reports in 2009 relative to 2008. While some of the apparent decrease may be due to two sources used last year not being available online for the second half of this year, the entire decrease cannot be attributed to these two sources.

So why are breach reports down relative to last year? Are more entities now using encryption and safer methods of transporting data leading to a reduced number of breaches or reduced number of breaches that would trigger a breach disclosure? Has the arrest of a number of master cybercriminals put a significant dent in cybercrime? Either would be cause for some celebration. But there are other possible explanations for why breach reports might be down that would not be cause for celebration, such as:

  • Entities deciding not to report or disclose breaches despite any mandatory disclosure laws because of the cost of notification during these rough economic times;
  • Entities referring incidents to law enforcement in the partial hope that law enforcement will ask them not to disclose or reveal the breach so as not to interfere with any investigation;
  • Breaches becoming more sophisticated and entities not even realizing that they have been breached;
  • The media getting bored with breach reporting and not giving it as much coverage;
  • 2008 may have represented an anomaly, as inspection of  OSF’s nifty graphic at the top of their homepage suggests, with breach reports returning to pre-2008 levels in the spring, or;
  • dldb

  • None of the above.

So… why do you think that breach reports declined in 2009?


Related:

  • Two more entities have folded after ransomware attacks
  • British institutions to be banned from paying ransoms to Russian hackers
  • Global hack on Microsoft product hits U.S., state agencies, researchers say
  • More than 100 British government personnel exposed by Ministry of Defence data leak
  • North Country Healthcare responds to Stormous's claims of a breach
  • Gladney Adoption Center had serious data exposures in the past few months. What will they do to prevent more?
Category: Commentaries and AnalysesOf Note

Post navigation

← UK: Hacker rattles 21,000 iPhone unlockers
WA: 130,000 at risk after computer breach at EWU →

3 thoughts on “Breach reports decline in 2009, but what does it mean?”

  1. Golde says:
    December 31, 2009 at 4:48 pm

    It could be that the large organized breaches have been attributed to one breach each so that the number is lower. Maybe the ability to link these crimes has made the number lower. The other possibility is that the new business model for “some” companies is “don’t tell, no foul” and take the chance that the company can get under the wire, the cost of fines would be less than the cost of restoration, sending out letters, buying consumer products (not always needed) and reputation damage.

  2. Philip Mellinger says:
    January 1, 2010 at 2:44 am

    The drop in breaches matches the drop in fraud losses across the payment card industry earlier this year. Attackers have moved on to a greener pasture — online banking. Unfortunately, few statistics exist for online banking attacks. If one were to add the decreasing breaches / payment card fraud to the increasing attacks against online banking, one would see that the attacks have increased if anything. The bad guys have switched targets.

    1. admin says:
      January 1, 2010 at 11:11 am

      Good point. I just posted an article from USA Today on the problem, here.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Clorox Files $380M Suit Alleging Cognizant Gave Hackers Passwords in Catastrophic 2023 Cyberattack
  • Cyberattacks Paralyze Major Russian Restaurant Chains
  • France Travail: At least 340,000 job seekers victims of new hack
  • Legal Silence and Chilling Effects: Injunctions Against the Press in Cybersecurity
  • #StopRansomware: Interlock
  • Suspected XSS Forum Admin Arrested in Ukraine
  • PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
  • Hungarian police arrest suspect in cyberattacks on independent media
  • Two more entities have folded after ransomware attacks
  • British institutions to be banned from paying ransoms to Russian hackers

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure
  • Idaho agrees not to prosecute doctors for out-of-state abortion referrals
  • As companies race to add AI, terms of service changes are going to freak a lot of people out. Think twice before granting consent!
  • Uganda orders Google to register as a data-controller within 30 days after landmark privacy ruling
  • Meta investors, Zuckerberg reach settlement to end $8 billion trial over Facebook privacy violations

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.