DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Break’s over: after decline in 2009, breach reports appear to rise in 2010

Posted on August 3, 2010 by Dissent

The Verizon breach analysis report released this past week reported declines in 2009 in both the number of records compromised and the number of breaches Verizon was asked to investigate.   Their reported decline in number of breaches has some confirmation in reports from the Privacy Rights Clearinghouse and the Identity Theft Resource Center, who had also noted declines in number of reported breaches in 2009. But where Verizon’s report suggests that the number of records compromised in 2009 declined from 2008 levels, both PRC and ITRC had reported significant increases in their records measures that year. Without knowing more about specific cases included in the Verizon-USSS data set, it is impossible for me to fully account for the discrepancy. But keeping in mind that Verizon-USSS are usually dealing with compromised records and not just exposed records, the National Archives Records Administration incident exposing 76,000,000 records that was included in the PRC and ITRC figures might be the source of much of the discrepant findings.

But was 2009 just an anomaly? Here’s how I see 2010 shaping up:

More Breach Reports

  • The Privacy Rights Clearinghouse (PRC) shows that for 2010 to date, they have already recorded 328 breaches. For all of 2009, they had reported 252 incidents. This year, PRC started using DataBreaches.net and PHIprivacy.net to fuel their chronology.  Adding those two resources seems to have significantly increased their number of reported incidents. Whether the additional resources plus the new HHS resource explains all of the increase, however, is doubtful.
  • Similarly, the Identity Theft Resource Center (ITRC), which was already using DataBreaches.net and PHIprivacy.net, reports 385 incidents for 2010 to date, compared to 498 breaches for all of 2009.  At least some of the apparent increase may be due to the new U.S. Department of Health & Human Services resource, but:

Based on the year-to-date figures and the fact that we are as yet missing reports from one of our regular primary sources (Maryland), it does appear that the number of incidents disclosed will be significantly higher for 2010 than for 2009 and is likely to surpass 2008, a year in which ITRC recorded 656 incidents.

Fewer Records Exposed

Although the number of breach reports being disclosed appears to be increasing this year compared to last year and previous years, the number of records involved seems to have declined significantly from 2009. PRC reports 12,797,957 records exposed so far in 2010 for those breaches for which they have numbers, while ITRC reports 13,067,157 records exposed to date for 2010. At this rate, and barring any “monster” breach disclosures during the remainder of this year, the total number of records exposed for 2010 may not only be significantly less than what PRC and ITRC reported in 2009, but may also be less than what was reported in 2008.

Fingers crossed.

Category: Breach IncidentsCommentaries and AnalysesOf Note

Post navigation

← HHS Dismisses AHF Complaint, Closes AIM Investigation
Closing a Door on Child Identity Theft →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
  • St. Cloud Provides Update on Ransomware Attack in 2024
  • Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.
  • Websites selling hacking tools to cybercriminals seized
  • ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored
  • Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans
  • The US Is Storing Migrant Children’s DNA in a Criminal Database
  • Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit
  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.