Half of reported data breaches are theft

Silhouette of a hacker isloated on black

Not data theft but theft of a computer.

The department of Health and Human Services maintains what is commonly referred to as “The Wall of Shame” a website that lists every reported data breach involving 500 or more records.

The site lists the following six types of breach:

Theft                                                     50%

Unauthorized Disclosure                  16%

Loss                                                       12%

Hacking                                                 8%

Improper Disposal                              4%

Unknown                                             2%

The percentages are approximate and some incidences have multiple breach types listed.

Theft accounts for half of the reported breaches. Commonly a laptop is stolen. In addition servers are stolen from offices and backup drives are stolen from the back seat of cars. Unauthorized disclosure usually involves individuals accessing files they shouldn’t. Like an ex-wife looking up her ex- husband’s file. Larger disclosures involve the sending of information such as an EOB to the wrong people. Loss is self-explanatory. Improper disposal can be paper files left in a dumpster or digital records on a drive. One notorious case involved a health plan that returned printers to the leasing company and the printers’ memory discs had patient data stored on them. The only type of breach that clearly is intended to access data is a hacker attack which accounts for only about 8% of reported incidents.

Leave a Reply

Your email address will not be published.