Print 5 comment(s) - last by CascadingDarkn.. on Jan 2 at 1:14 PM

Non-profit groups list 2007 as worst year ever for personal data theft

For many who work and play online and carry sensitive information on their computers, security and privacy are often major concerns. Unfortunately for all of us, we aren’t the only source of potential information loss when it comes to our own personal information.

Two non-profit groups, the Identity Theft Resource Center and, say that 2007 was a record setting year for data breaches in the United States. Linda Foley, founder of the Identity Theft Resource Center, told the AP, “More of them [companies] are experiencing data breaches, and they're responding to them in a reactive way, rather than proactively looking at the company's security and seeing where the holes might be.”

Foley’s group lists over 79 million reported compromised records in the U.S. from the beginning of 2007 through December 18, 2007. There were about 20 million reported compromised records in 2006.’s estimates show that about 162 million records were compromised through December 21, 2007 in the U.S. and overseas. Brian Martin from told the AP, “It's just the nature of business, that moving forward, more companies are going to have more records, so there will be more records compromised each year. I imagine the total records compromised will steadily climb."

There is one major similarity between the lists of compromised records held by the two groups: the massive data breach of TJX who owns both Marshalls and T.J. Maxx discount stores. This single security breach accounts for about 46 million of the records on both lists. DailyTech previously reported on this breach that occurred in May of 2007 within the TJX credit card processing system.

Not all breaches of data security are the result of hackers actively breaking into an organization’s servers and stealing information. The personal information of 25 million citizens was lost when the UK government lost two discs that stored the data.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Consequence
By CascadingDarkness on 1/2/2008 1:14:23 PM , Rating: 2
You seem to have to lenient idea in my opinion. Working in IT there isn't really anything I would consider an honest mistake short of inside job. Some people need to be trusted to not steal personal data, to an extend. They shouldn't have access to millions of records, but some. Other than that I don't think anything could be qualified as an honest mistake.

Is firewall ports not being closed an honest mistake? Cleaning service having access to private data in a recycle bin?

Protecting personal data is the companie's responsibility. If they fail they need to be held responsible. No, sending out fliers that say, 'Our bad, hope your identity doesn't get stolen'. Yeah, bad PR hurts them, but that isn't enough IMHO. I think they should be held responsible to provide a monitoring service you can opt-in to help be sure that doesn't happen for something like three years.

This doesn't even touch the likely huge amounts of breaches, lost data that goes unreported, both because the company keeps it quiet, and those they don't even notice.

"Spreading the rumors, it's very easy because the people who write about Apple want that story, and you can claim its credible because you spoke to someone at Apple." -- Investment guru Jim Cramer

Most Popular ArticlesTop 5 Smart Watches
July 21, 2016, 11:48 PM
Free Windows 10 offer ends July 29th, 2016: 10 Reasons to Upgrade Immediately
July 22, 2016, 9:19 PM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki