The number of data breaches reported in 2008 has surpassed those reported in 2007, according to the Identity Theft Resource Center (ITRC), a non-profit organization tracking the statistics. The pros and cons of data breach insurance: The security incident at the Hannaford supermarket chain and elsewhere have some wondering if it’s time to purchase data breach insurance. ITRC, an organization that tracks data breaches and educates consumers about identity protection, said its 2008 breach list surpassed the total of 446 reported in 2007.<\/p>\n","protected":false},"excerpt":{"rendered":"
“Those companies become victims of the breach as much as the individuals whose information has been affected,” said Linda Foley, founder of the ITRC. “In many cases they entrusted a vendor to provide a service to safeguard information at the highest level, and when they transport it from one place to another unencrypted, they’re not taking it to the highest level… Companies need to have a better understanding of the contractual obligations of the firm they outsource payroll and other processes to, Foley said.<\/p>\n
Foley said the growth in the number of breaches from year to year can no longer only be attributed to required reporting laws and media investigative work. Since each state has its own law requiring notification, companies are not held to one consistent standard to report a breach. Some states are adding language to the law, making it a requirement to provide public notification of the breach notification letters issued to customers, Foley said.<\/p>\n
The researchers said current breach laws are problematic because they leave any action, such as canceling a credit card, up to the consumer.<\/p>\n
Foley said the ITRC’s breach response program provides a consultant to the company to advise them on an appropriate breach notification letter and first responder calls.<\/p>\n
http:\/\/searchsecurity.techtarget.com\/news\/article\/0,289142,sid14_gci1327048,00.html<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-2208","post","type-post","status-publish","format-standard","hentry","category-trends"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2208","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2208"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2208\/revisions"}],"predecessor-version":[{"id":4695,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2208\/revisions\/4695"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2208"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2208"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2208"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}