Study: Smaller Data Breaches Have Higher Misuse Rate

  • Nov 07, 2007

ID Analytics Inc. recently announced the results of a new study on the harm resulting from data breaches. The study analyzed more than 10 million identities spanning more than a dozen data breaches. ID Analytics found five separate cases where breached identity data was misused by fraudsters, with two of those cases resulting from employee theft of data.

Key findings from ID Analytics' research include the following:

  • Smaller breaches had a higher misuse rate than larger breaches. Misuse of personal data ranged from one in 200 identities for breaches of fewer than 5,000 individuals to a misuse rate of less than one in 10,000 identities for breaches of more than 100,000 individuals.
  • Fraudsters engaged in organized misuse of breached identity data tended to cycle through the data quickly. Fraudsters would misuse a breached identity for no more than two weeks before moving onto the next identity.
  • The study found no evidence that fraudsters misusing breach data were selling the data broadly or distributing it over the Internet. This finding is significant because one of the greatest potential risks of data breaches is the broad dissemination of personal information to others with criminal intent.
  • Fraudsters tended to link the breached personal data to a limited set of new phone numbers or addresses, meaning they worked to associate these identities with particular phone numbers for verification purposes and with addresses where they could receive credit cards, wireless phones or other merchandise ordered using the breached identity data.

"In the two years since we conducted our previous National Data Breach Analysis study, concerns about data breaches have remained high," said Thomas Oscherwitz, ID Analytics' chief privacy officer and vice president of government affairs. "This new research shows the latest trends about the harm resulting from data breaches and how criminals are actually using the data. Our intention is to help organizations understand which types of data breaches pose the greatest risk, and how to best respond."

In two of the five cases of organized misuse, the breach perpetrator was an employee who stole data. In both cases, the resulting misuse was linked to identities geographically close to the site of the employee theft. These findings show new insights into the workings of internal data theft, particularly how fraudsters may favor those identities that represent easier access to physical addresses where the perpetrator could receive or intercept credit cards, stolen goods and bank statements.

Featured

  • From Surveillance to Intelligence

    Years ago, it would have been significantly more expensive to run an analytic like that — requiring a custom-built solution with burdensome infrastructure demands — but modern edge devices have made it accessible to everyone. It also saves time, which is a critical factor if a missing child is involved. Video compression technology has played a critical role as well. Over the years, significant advancements have been made in video coding standards — including H.263, MPEG formats, and H.264—alongside compression optimization technologies developed by IP video manufacturers to improve efficiency without sacrificing quality. The open-source AV1 codec developed by the Alliance for Open Media—a consortium including Google, Netflix, Microsoft, Amazon and others — is already the preferred decoder for cloud-based applications, and is quickly becoming the standard for video compression of all types. Read Now

  • Cost: Reactive vs. Proactive Security

    Security breaches often happen despite the availability of tools to prevent them. To combat this problem, the industry is shifting from reactive correction to proactive protection. This article will examine why so many security leaders have realized they must “lead before the breach” – not after. Read Now

  • Achieving Clear Audio

    In today’s ever-changing world of security and risk management, effective communication via an intercom and door entry communication system is a critical communication tool to keep a facility’s staff, visitors and vendors safe. Read Now

  • Beyond Apps: Access Control for Today’s Residents

    The modern resident lives in an app-saturated world. From banking to grocery delivery, fitness tracking to ridesharing, nearly every service demands another download. But when it comes to accessing the place you live, most people do not want to clutter their phone with yet another app, especially if its only purpose is to open a door. Read Now

  • Survey: 48 Percent of Worshippers Feel Less Safe Attending In-Person Services

    Almost half (48%) of those who attend religious services say they feel less safe attending in-person due to rising acts of violence at places of worship. In fact, 39% report these safety concerns have led them to change how often they attend in-person services, according to new research from Verkada conducted online by The Harris Poll among 1,123 U.S. adults who attend a religious service or event at least once a month. Read Now

Most   Popular

New Products

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.