Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Dataloss] Is dataloss becoming the next 'computer virus' trend?
From: Chris Walsh (cwalshcwalsh.org)
Date: Mon Dec 18 2006 - 10:04:24 CST
On Mon, Dec 18, 2006 at 10:26:05AM -0500, Sean Steele wrote:
> I think it's clear we need a landmark tracking / longitudinal study of
> these breaches, their affected individuals, and ideally, the
> organizations in question, to assess whether there is a real crisis.
That is exactly what is needed.
We have people reading this list who are in a position to know about
things like fraud detection software, etc. What would it take to do
such a study?
Off the top of my head, we would need:
1. A master list of breached records, or the individuals to whom they
3. A second group of records/individuals not known to have been breached.
3. A way to identify attempted/actual using the identifying info of
Who would/could have such data? What legal restrictions might there be
against its use? In principle, this is doable -- ID Analytics took a crack
at it, but their sample was one purely of convenience.
> There may not be, as much as we think there is or might be.
And as much as the "no reason to believe the data were accessed..." crowd
would like to think there is not.
Dataloss Mailing List (datalossattrition.org)
Tracking more than 143 million compromised records in 512 incidents over 6 years.