Insider triggered data breaches on the rise

I was surprised to learn that the largest single cause of data breaches is the result of human error. I would certainly have thought that misconduct was to blame. But according to Brian Krebs article "Data Breaches Up Almost 50 Percent, Affecting Records of 35.7 Million People" at washingtonpost.com, mistakes like losing laptops, accidentally posting personal data online and unintentionally exposing consumer data are the cause of more than 35 percent of breaches. That notwithstanding, aberrant and intentional misbehavior still accounts for a whole lot of breaches.

I wasn’t surprised to learn that many businesses keep it to themselves when they’ve experienced customer data breaches, or at least don’t reveal the extent of the breach, preferring to keep their reputations as untarnished as possible. The real downer in this article was that current and former employees account for quite a bit of the treachery. According to Krebs, the Identity Theft Resource Center of San Diego “found that the percentage of breaches attributed to data theft from current and former employees more than doubled from 7 percent in 2007 to nearly 16 percent in 2008.”  It seems that while businesses are better protecting themselves from outside attacks (like from hackers) they’re getting worse at defending against insider misdeeds.

With the current sagging state of the economy (with no real respite yet in sight) I only hope these companies bolster their defenses soon. Because, employees, those that are disgruntled as well as those who’re just having a hard time making ends meet, will certainly continue this trend if they believe they can do so and gain some financial advantage.