August 09, 2010

Financial services remains the industry most affected by security breaches, according to a report released today by Verizon and the U.S. Secret Service. A third (33%) of data breach cases and 94% of all compromised records were in financial services. "The targeting of financial organizations is hardly shocking; stealing digital money from information systems rather than vaults is basically just a less primitive form of bank robbery," the report notes.

The 2010 Data Breach Investigations Report looks at the 141 confirmed breach cases worked by Verizon and the USSS in 2009; the total number of data records compromised across these cases exceeds 143 million. The study found that 70% of data breaches are caused by external agents, 48% by insiders, 11% implicate business partners and 27% involve multiple parties.

Malware and hacking are prominent aspects of data breaches. The study found that 96% of compromised records were obtained through hacking, 94% of with the use of malware. About 3% of records were breached through social tactics such as solicitation, phishing or forgery; another 3% involved misuse by partners or insiders. Physical attacks and errors accounted for 1% each of stolen records.