Brian Krebs reports on a study by AARP about data breaches over the past 16 months.
The study attributes about a third of breaches to deliberate software breakins, slightly less (29%) to theft of laptops, and most of the rest (23%) to improper display of sensitive information. Employee theft came in at 7%, and lost backup tapes at 2%. Of course, some of the actual individual lost tape incidents have lost millions of identities.
The study, and Krebs, attribute the breaches to "criminal hackers". I do get tired of that canard; it's about like referring to "criminal locksmiths". or "criminal old folks" (had to read the title twice to see the comma, didn't you?). If these perpetrators are criminals, they're hardly old-style hackers in it for the intellectual exercise, nor even script kiddies in it to impress their friends, now are they? What's wrong with just calling them criminals?
Also, while I salute AARP for doing this study, I do wonder why an association of old folks has to do it, when we the taxpayers are paying billions to support DHS.
-jsq
jsq, aren't you eligible for AARP membership yourself? ;-)
Posted by: wpn | September 12, 2006 at 01:23 PM