informa
Quick Hits

Report: 2008 Saw More Records Breached Than The Previous Four Years Combined

Most compromises could have been avoided, Verizon study says
More electronic records were breached in 2008 than the previous four years combined, according to a report published today by Verizon Business Systems.

This second annual study -- based on data analyzed from Verizon Business' actual caseload comprising 285 million compromised records from 90 confirmed breaches -- revealed that corporations fell victim to some of the largest cybercrimes ever during 2008, the company said.

The financial sector accounted for 93 percent of all such records compromised last year, and a staggering 90 percent of these records involved groups identified by law enforcement as engaged in organized crime.

Verizon Business investigative experts found, as they did in the company's first report covering 230 million compromised records from 2004 to 2007, that nearly nine out of 10 breaches were considered avoidable if security basics had been followed. Most of the breaches investigated did not require difficult or expensive preventive controls.

Similar to the first study's findings, the latest study found that highly sophisticated attacks account for only 17 percent of breaches. However, these relatively few cases accounted for 95 percent of the total records breached -- proving that motivated hackers know where and what to target, the company says.

"The compromise of sensitive information increased dramatically in 2008, and it's past time to be vigilant about enterprise security," said Dr. Peter Tippett, vice president of research and intelligence for Verizon Business Security Solutions. "This report should serve as another wake-up call that good security and a proactive approach are paramount to running a business in this day and age -- particularly since the economic crisis is likely to trigger a further increase in criminal activity."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Recommended Reading: