A sign outside the TJX Cos. headquarters is seen in Framingham, Mass. The company, owner of discount stores including T.J. Maxx and Marshalls, in March acknowledged that information from at least 45.7 million credit and debit cards was stolen over an 18-month period.
Record Data Breaches in 2007, Groups Say
A sign outside the TJX Cos. headquarters is seen in Framingham, Mass., in this file photo taken Wednesday, Feb. 21, 2007. TJX Cos., owner of discount stores including T.J. Maxx and Marshalls, in March acknowledged that information from at least 45.7 million credit and debit cards was stolen over an 18-month period. The breach is believed to have started when hackers intercepted wireless transfers of customer information at two Marshalls stores in Miami _ an entry point that led the hackers to eventually break into TJX's central databases.
The loss or theft of personal data such as credit card and Social Security numbers soared to unprecedented levels in 2007, and the trend isn't expected to turn around anytime soon as hackers stay a step ahead of security and laptops disappear with sensitive information.
And while companies, government agencies, schools and other institutions are spending more to protect ever-increasing volumes of data with more sophisticated firewalls and encryption, the investment often is too little too late.
"More of them are experiencing data breaches, and they're responding to them in a reactive way, rather than proactively looking at the company's security and seeing where the holes might be," said Linda Foley, who founded the San Diego-based Identity Theft Resource Center after becoming an identity theft victim herself.
Foley's group lists more than 79 million records reported compromised in the United States through Dec. 18. That's a nearly fourfold increase from the nearly 20 million records reported in all of 2006.
Another group, Attrition.org, estimates more than 162 million records compromised through Dec. 21 both in the U.S. and overseas, unlike the other group's U.S.-only list. Attrition reported 49 million last year.
"It's just the nature of business, that moving forward, more companies are going to have more records, so there will be more records compromised each year," said Attrition's Brian Martin. "I imagine the total records compromised will steadily climb."
But the biggest difference between the groups' record-loss counts is Attrition.org's estimate that 94 million records were exposed in a theft of credit card data at TJX Cos., the owner of discount stores including T.J. Maxx and Marshalls. The TJX breach accounts for more than half the total records reported lost this year on both groups' lists.
The Identity Theft Resource Center counts about 46 million the number of records TJX acknowledged in March were potentially compromised. Attrition's figure is based on estimates from Visa and MasterCard officials who were deposed in a lawsuit banks filed against TJX.
The loss or theft of personal data such as credit card and Social Security numbers soared to unprecedented levels in 2007, and the trend isn't expected to turn around anytime soon as hackers stay a step ahead of security and laptops disappear with sensitive information.
And while companies, government agencies, schools and other institutions are spending more to protect ever-increasing volumes of data with more sophisticated firewalls and encryption, the investment often is too little too late.
"More of them are experiencing data breaches, and they’re responding to them in a reactive way, rather than proactively looking at the company's security and seeing where the holes might be,'' said Linda Foley, who founded the San Diego-based Identity Theft Resource Center after becoming an identity theft victim herself.
No comments:
Post a Comment