Hack Attacks Now Leading Cause Of Data Breaches

Exclusive: Identity Theft Resource Center identifies hacking, followed by data lost in transit and insider attacks, as the leading data breach culprits in 2011.

The majority of data breaches stem from hack attacks, followed by data that's lost while physically in transit. That's according to a forthcoming study from the Identity Theft Resource Center (ITRC), which assessed all known information relating to the 419 breaches that were publicly disclosed in the United States in 2011. A copy of the report was provided to InformationWeek in advance of its release.

Last year, data breaches triggered by hacking--defined by the ITRC as "a targeted intrusion into a data network," including card-skimming attacks -- were at an all-time high, and responsible for 26% of all known data breach incidents. The next leading cause of breaches was data on the move (18%) -- meaning electronic storage devices, laptops, or paper reports that were lost in transit --followed by insider theft (13%).

Overall, malicious attacks -- counting not just hack attacks but also insider attacks -- accounted for 40% of publicly disclosed breaches, while 20% of breaches were the result of accidental data exposure.

All told, the ITRC counted 22.9 million records as being exposed in 2011, of which 81% included social security numbers. Of all known breaches, 62% involved the exposure of social security numbers and 27% involved credit or debit card data.

[To read the entire article, visit InformationWeek].