Associated Press reports:
A $10 billion-a-year effort to protect sensitive government data, from military secrets to Social Security numbers, is struggling to keep pace with an increasing number of cyberattacks and is unwittingly being undermined by federal employees and contractors.
Workers scattered across more than a dozen agencies, from the Defense and Education departments to the National Weather Service, are responsible for at least half of the federal cyberincidents reported each year since 2010, according to an Associated Press analysis of records.
[…]
Last year, for example, about 21% of all federal breaches were traced to government workers who violated policies, 16% who lost devices or had them stolen, 12% who improperly handled sensitive information printed from computers, at least 8% who ran or installed malicious software, and 6% who were enticed to share private information, according to an annual White House review.
Read more on Milwaukee-Wisconsin Journal Sentinel. If you’re having trouble figuring out the breach affecting 5 million that the report refers to, I can help you: that would be the SAIC-TRICARE breach, covered extensively on the companion blog, PHIprivacy.net.