KPMG's first
Data
Loss Barometer shows that 280m people worldwide have lost
personal details over the last three years, with almost a fifth
(19%) of data loss incidents linked to government
organisations.
The consultant said that overall, 25% of data losses were
through PC thefts.
KPMG said the problem of data losses from public organisations
and businesses is increasing, judging by the number of incidents
and their significance each year.
The barometer anticipates there will be over 400 breaches in
2008, as businesses become more reliant on technology, and despite
consumers' growing awareness of the issue surrounding identity
fraud and the threat to their personal information.
The first KPMG Data Loss Barometer tracked and analysed publicly
disclosed data loss incidents worldwide between 2005 and June 2008.
It found:
- 1,034 incidents reported
- 280m people have lost personal details over the last three
years
- All sectors affected: but 19 per cent are government
organisations
- 25 per cent of incidents through PC theft
- 50 per cent of cases come from internal sources
- 46 per cent of lost data had no protection
Malcolm Marshall, a KPMG partner, said, "Incidents of data loss
pose a serious threat to organisations of all sizes and across
every business sector. The impact on brand reputation is high and
customer trust can be seriously damaged.
"Finding possible leakages and ensuring that internal procedures
are in place with clear definitions will reduce companies' risk of
becoming a victim of data loss. Policies and controls should be
continually reviewed due to changes in technologies, processes and
personnel."
The barometer found that the most vulnerable sectors were
education and healthcare, where the number of personal records,
"the culture of these establishments", and restricted security
budgets left them particularly open to loss.
Government organisations saw 19% of incidents, while 14% of
losses were in financial services, where often financial data will
have the most immediate value for organised criminals.
Between 2007 and 2008, the barometer reveals that the details of
139m people were wrongly disclosed.
The research is based on publicly disclosed data loss incidents
recorded by the likes of the
Open Security
Foundation, the
Identity Theft
Centre and the Information
Commissioner's Office.
Hackney NHS trust encrypts IT equipment following loss of child
data >>
When IT meets politics blog >>