 |
 |
Security Breaches Double in 2010, but Significantly Fewer Records Exposed
2010 Data Highlights Need to Improve Security of Portable Devices, Update Network Security, and Strengthen Malware Protection
Boca Raton, Fla. – January 6, 2011 – In the information security world, the year 2010 will be remembered for WikiLeaks, Google gaffs, and the Stuxnet threat. It is also notable for the ongoing battle in cyberspace, which continues to offer abundant opportunity for organizations to get serious about their information security. Reporting from the front lines, the Privacy Rights Clearinghouse recorded 592 data security breaches last year, which potentially exposed more than 11.5 million records. This represents more than double the number of breaches reported in 2009, although with significantly fewer affected records. In terms of 2010 breach volumes, the healthcare industry dominated—with 182 incidents exposing some 2.8 million records. Compromised portable devices constituted the greatest threat, including lost, stolen or discarded laptops, PDAs, smartphones, memory sticks, CDs, hard drives, data tapes and other portable devices. These accounted for 68 breaches, or 37 percent of the industry total, and involved 2.5 million records—almost 90 percent of all records exposed in all healthcare data breaches for the year. In terms of records exposure, the financial industry led with 6.3 million records potentially affected in 94 reported data breaches. As in healthcare, compromised portable devices used to store and share financial data accounted for the majority of exposed records. Specifically, 3.7 million records were involved in 16 breaches, representing more than half of all records exposed in all financial data breaches in 2010. The education sector reported 72 breaches involving more than 825,000 records, but in this case hacking was responsible for the lion’s share—with 23 breaches potentially exposing some 438,000 records. The Privacy Rights Clearinghouse defines hacking as ‘electronic entry by an outside party, malware and spyware.’ These and other reported incidents represent opportunities to shore up the security of smartphones and other portable devices through the use of complex passwords, remote wipe and similar technologies, and strong encryption of data in motion and data at rest. In addition, these data beaches highlight the importance of updating network security programs and conducting security assessments of wireless networks, web applications, access points, and other potentially vulnerable portals. SECNAP Network Security specializes in protecting clients and their stakeholders in the financial, healthcare and education verticals. SECNAP security and privacy solutions assist C-level security executives and IT professionals in identifying vulnerabilities before they can be exploited and in effectively safeguarding network and information assets. About SECNAP SECNAP Network Security develops information security solutions that enable the secure conduct of business and e-commerce. The company’s award-winning SpammerTrap Email Security and Managed Network Security solutions ensure unrivaled 24/7 protection of client information assets. The company’s email encryption solution is among the finalists for the 2011 Global Excellence Awards sponsored by the Information Security Products Guide. An extensive portfolio of information Security Services includes external penetration testing, HITECH, HIPAA, GLBA, ISO and other compliance assessments, web application and wireless assessments, social engineering testing and more. Visit www.secnap.com.
|