A 2012 Security Incident Recap By The Numbers

Heidi Shey

Before we get too far along into 2013, I’d like to take a moment to reflect back on the events of 2012. Thanks to our friends at CyberFactors*, this is what we saw:

Overall

  • 1,468 (publicly reported) incidents. This includes everything from stolen laptops to external hacks to third party partners mishandling data to employees accidentally disclosing data via email.
  • 274,129,444 (known) records compromised. In the 608 cases where there was a record count reported, this was the total count. 

Types of data lost/compromised

  • Personally identifiable information (PII) was compromised in 53% of cases. This also includes credit card or bank account information, as well as medical or health insurance information.
  • Company confidential information (CCI) was compromised in 4% of cases. This includes things like proprietary intellectual property (IP), compensation data, business plans, corporate financial data, and information subject to a non-disclosure agreement with a third party. These types of incidents may not always be publicly reported, assuming that organizations are even aware that it has occurred or is happening. IP is a valuable asset, and must be protected
  • Governmental information was compromised in 42% of cases. This includes things like address, voting data, driver’s license numbers, state or Federal tax IDs, Social Security numbers, and passport information.
Read more

Dear Marketer: The Oval Office Called. It Wants Its Privacy Back.

Fatemeh Khatibloo

 Yesterday, the White House released a long-awaited set of recommendations that are focused on helping individuals take greater control of how their data is collected and used for online marketing purposes. It includes what's being referred to as a "Consumer Privacy Bill of Rights."

The language is vague. The timeline to completion is long. The guidelines, for now, are "opt-in" for organizations. All true.

But folks? The glory days of scraping and selling and repurposing customer data are over. The Oval Office has spoken on the issue of privacy and personal data, and its bill of rights is crystal clear: Tell me what you’re collecting, how you’re using it, protect it well, give me a copy, and give me a chance to correct it, delete it, or opt out entirely.

Sound familiar? It should.  

We've written about personal identity management because we recognize that:

  1. Individuals want relevant offers and content, along with all the other great stuff that comes with sharing personal data.
  2. But, they are worried about privacy, security, and identity on the Web — and these concerns are only increasing.
  3. So, Do Not Track, the Privacy Bill of Rights, and similar guidelines will gain widespread approval and adoption . . .
Read more