David Litchfield's Weblog

Home
Archives
NGSSoftware
DatabaseSecurity.com


Greymatter Forums

October 2007
SMTWTFS
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31      

Valid XHTML 1.0!

Powered By Greymatter

RSS 1.0 FEED
RSS 2.0 FEED
Atom 0.3 FEED
Powered by gm-rss 2.0.1
Home » Archives » October 2007 » 4000 Breaches!!!

[Previous entry: "SQL Injection and Data Security Breaches"] [Next entry: "Computer Misuse Act Section 3a clarification"]

10/27/2007: "4000 Breaches!!!"


I read a story the other day reporting that the Office of Management and Budget issued a memo in July 2006 requiring agencies to report all security incidents that may involve PII within an hour. A year later 4000 incidents had been reported. 4000. Ok, even if as Karen Evans says that only a small percentage turned out to be "real" incidents that's still a huge amount - even just 1 percent is 40. The figures coming through the Privacy Right Clearing House / Attrition must be just the tip of the iceberg of known breaches - let alone of course the unkown.