Data Theft's on the Rise

Despite tougher legal penalties and growing public paranoia, U.S. organizations are experiencing more data breaches than ever before. This is the New Year's message from the Identity Theft Resource Center (ITRC), a consumer watchdog set up to monitor data breaches.

From lost laptops to missing tapes, firms and government organizations across the U.S. suffered some 446 data breaches last year, compared to just 312 in 2006, according to the ITRC. Worryingly, the number of records exposed by these storage snafus rose from 20 million in 2006 to a massive 128 million in 2007.

Sure, part of the reason for the leap in the number of breaches can be attributed to changes in the legislative landscape. CEOs and CIOs are under growing pressure to inform their customers in the event of a data breach. But there's also more crime, it seems.

"Our sense is that two things are happening - the criminal population is stealing more data from companies AND that we are hearing more about the breaches," wrote an ITRC spokesman in a statement released on New Year's Eve.

U.S. organizations hitting the headlines for the wrong reasons last year included the State of Ohio and retail giant TJX, although even these were overshadowed by the U.K. government, which somehow managed to lose the personal details of some 25 million people in the mother of all data breaches.Embarassing as the U.K.'s security lapse is, there is clearly a job still to be done on this side of the Atlantic. Even considering the fact that the TJX breach accounted for 94 million of 2007's exposed records, more and more data continues to fall through firms' hands.

Hopefully, 2008 will see an improvement.