Report: Data Breaches Hike Fraud Risk 400%

November 1, 2009 by ADMIN

Share |

By Doug Pollack, Chief Marketing Officer for ID Experts

Because data breaches have become such commonplace incidents, there is concern that people have become desensitized to the potential harm they face upon receiving a notification letter from an organization informing them that sensitive information has been lost or misappropriated.

A recently published report from Javelin Strategies should be a wake up call to those people.

The Javelin report, Data Breach Notifications: Victims Face Four Times Higher Risk of Fraud, is based on multiple years of data and includes updates on 2009 data breaches, implications of changes to the legislative landscape and the technical means by which data breaches occur.

This report should also be heeded by those banks, healthcare organizations, government agencies, insurance companies and others that we entrust with our social security and checking account numbers, birthdates and mothers’ maiden names, and in some cases our personal health information.

Primary Questions

Is there a link between data breach notification letters and identity fraud?
Are data breach notification letters working?
In the face of escalating data breaches, what should financial institutions and other companies do to protect brands and customer loyalty?
How do victims respond to breach notification, and how does this impact their relationship with their financial institution?
Are paper or electronic records most vulnerable?
How are criminals obtaining data records?

There is now proof that data breach incidents put the affected individuals in harms way.

This report is mainly based on consumer data collected from Javelin’s annual Identity Fraud Survey. The survey is conducted each year using computer-assisted telephone interviewing (CATI) via random-digit dialing from 4,784 respondents in October 2008, 5,075 respondents in October 2007, and 5,000 respondents in October 2006. The surveys targeted respondents based on representative proportions of gender, age and income compared to the overall U.S. online population.

Some data also came from Dataloss.db.org, an open community research project that documents known and reported data loss incidents worldwide. Some data also came from the Identity Theft Resource Center, a non-profit organization that compiles information about public data breaches to help understand and prevent identity theft.

The responsibility for doing everything possible to help these people address this harm — from identifying identity fraud to cleaning up the fraud — should fall squarely on the laps of the entrusted organizations.

* * *

Stay Informed With ISR News Alerts:

* * *

Doug Pollack has 20+ years of industry experience in computing, networking, and software. He currently resides in Portland, Oregon and is Chief Marketing Officer for ID Experts, leader in data security breach prevention and remediation. His background includes over 13 years in Silicon Valley in management positions at Apple, 3Com, and a software startup that grew to $25MM and an IPO. After relocating to Oregon, Doug led marketing & business development for GemStone Systems, a Java technology company with close ties to Sun Microsystems & IBM, to an acquisition in 2000. Doug has also acted as interim CEO for two venture-backed software startups and prior to ID Experts was VP of marketing and business development for Digimarc, a $100MM publicly traded corporation (DMRC). Doug’s educational background includes a BSEE from Cornell Univerisity and an MBA from the Stanford Graduate School of Business.

ID Experts provides data breach solutions, risk assessment, forensic investigation and fully managed victim identity restoration to corporations, financial institutions, healthcare organizations and government agencies. As a leader in data breach prevention and remediation, the company has managed hundreds of data breach events, protects millions of individuals from identity theft and authored the Identity Crime Victim’s Bill of Rights. ID Experts is actively involved with industry organizations including ANSI/Identity Theft Prevention and Identity Management Standards Panel, International Association of Privacy Professionals, Internet Security Alliance, and the Santa Fe Group.

The Publisher gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com

These icons link to social bookmarking sites where readers can share and discover new web pages.

Share |

Filed under: Breach, D&O Liability, Doug Pollack, FEATURE ARTICLE, Financial, Government, IDExperts, Insider Threat, PCI, PCI Security Standards Council, Sarbanes-Oxley, Uncategorized, Webcast, due diligence, hackers, healthcare, identity-theft, national security, privacy

Tags: (ISC)2, 2009, access, Anthony M. Freed, Banks, best practices, birth certificate, birthdate, Breach, Breach Healthcheck, breaches, bypass, CGEIT, CIPP, CISA, CISM, CISSP, CMU, CMU SSN, computer, confidential, consumer product liability, control, Costs, CPA, CRE, criminal, CSI, cyber security, cyber-crime, cybersecurity, D and O liability, Data, Data Breach Notifications: Victims Face Four Times Higher Risk of Fraud, deidentification, Doug Pollack, DRI, due diligence, Economy, electronic database, Finance, Financial, Financial Identity, Financial InfoSec, fraud, FTC, governance, government agencies, hackers, healthcare, healthcare organizations, Heartland Payment Systems, HIPAA, homeland Security, HPS, HPY, ID, identity thief, IDExperts, IIA, Infoduciary, Information, Information Fiduciary, Information-Security-Resources.com, InfoSec, infrastructure, insurance companies, ISACA, ISR, ISSA, Javelin Strategies, law, legal, liability, medical, minors, misuse, News, notification, online fraud, PCI, PHI, privacy rights, recession, red flags, risk, scams, Security, social security number, stealing data, stimulus, students, System, systems, theft, third party, vendors, Web 2.0, zero day attack, zip code

Comments

3 Comments on Report: Data Breaches Hike Fraud Risk 400%

CentricsIT on Sun, 1st Nov 2009 5:07 pm

This is a wake up call. Management for IT systems is a must and should always be professionally handled. Good article, thank you.

Jess on Thu, 5th Nov 2009 10:05 am

Good article Doug. It’s sad (and scary) to say that “data breaches have become such commonplace incidents.” Security management is no easy task for a business, but unfortunately it’s just one of those things where the best safety procedures, staff and technology need to be in place 110%. Nothing can be overlooked.

Thanks for posting,
-Jess
Secure File Transfer

Good Data on IT Risk Management | Insecure About Security | Management Business Wisdom on Thu, 5th Nov 2009 5:33 pm

[...] Report: Data Breaches Hike Fraud Risk 400% : Information Security … [...]

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

Categories
- Anthony M. Freed (26)
- Bill Brenner (2)
- Bob Violino (1)
- Bozidar Spirovski (23)
- Breach (540)
- Britt Womelsdorf (5)
- By Dr. InfoSec (2)
- Cara Garretson (7)
- CCCNews (1)
- Chorey Taylor & Feil (8)
- Christophe Veltsos (2)
- Christopher Burgess (7)
- CIOZone (26)
- Class Action Lawsuit (111)
- Cloud computing (113)
- Coby Royer (5)
- CTO Forum (9)
- D&O Liability (601)
- Daniel Wallace (5)
- Danny Lieberman (11)
- DataLine (10)
- David Alexander (2)
- Derek Crawford (1)
- Doug Pollack (7)
- due diligence (310)
- Fame Foundry (1)
- FEATURE ARTICLE (428)
- Financial (587)
- Fred Leland (7)
- Gene Kim (3)
- Government (373)
- Greg George (5)
- H1N1 (15)
- hackers (539)
- healthcare (134)
- Heather Bourgoin (1)
- HomeATM (8)
- identity-theft (535)
- IDExperts (17)
- Ike Z. Devji (1)
- Infosec Island Network (38)
- Insider Threat (490)
- Internet Crime Complaint Center (1)
- Internet Security Alliance (71)
- ISR News (321)
- Jacqueline Herships (2)
- Jenni Hesterman (3)
- John M. Salomon (2)
- John Watkins (7)
- John-Patrick Skaar (2)
- Kaliber Data Security and Compliance Consultants (3)
- Kat Sanders (2)
- Ken Leeser (3)
- Kevin L. Jackson (10)
- Kevin M. Nixon (21)
- Larry Ketchersid (1)
- Laton McCartney (7)
- Lauren Taylor (1)
- Linda McGlasson (1)
- malware (501)
- Mark Smail (1)
- Mark Wright (1)
- Mel Duvall (3)
- Michael Eggebrecht (3)
- Michael Lohr (1)
- Michael O'Conner (4)
- MicroSolved (1)
- Mike Duncan (3)
- Mike Meikle (4)
- Mike Spinney (1)
- Military (211)
- national security (453)
- PCI (308)
- PCI Security Standards Council (32)
- Physical Security (11)
- privacy (552)
- Rachel James (10)
- reach (11)
- Rebecca Herold (16)
- Richard Stiennon (44)
- Robert Siciliano (34)
- Sarbanes-Oxley (502)
- ScamStop (2)
- Sean Wilkins (2)
- Semyon Dukach (1)
- Simon Heron (14)
- Software Associates (11)
- Steven Fox (19)
- SUPERAntiSpyware (3)
- Sybase (6)
- Symplified (5)
- The Jester (8)
- The Privacy Professor (16)
- Thomas R. Fox (8)
- Tom Groenfeldt (2)
- Tom McLain (2)
- Trefis (14)
- Tripwire (18)
- Uncategorized (621)
- virtualization (101)
- Webcast (49)

Information Security Resources

Report: Data Breaches Hike Fraud Risk 400%

Comments

3 Comments on Report: Data Breaches Hike Fraud Risk 400%

ISR Headline Index

Recent Comments

Categories