Number of Data Breach Incidents Expected to Grow

Washington, DCIf it seems as though everywhere you turn there’s more news about a huge data breach, you might not be far off. Recently, more information was released about the massive information breach from Michaels craft stores. Meanwhile, students at Iowa State University learned that their information may also have been taken. According to reports, however, although these data breaches are becoming more common, companies are taking longer to warn consumers about incidents.

In January 2014, Michaels confirmed it was part of a data breach, but did not give much information beyond that. According to The Washington Post (4/18/14), the company recently said that information from its customers’ debit and credit cards was stolen from approximately three million customers over eight months.

Michaels, Target and Neiman Marcus were all hit at around the same time. Lawsuits have been filed by some consumers arguing the companies did not do enough to protect consumer information and did not warn them quickly enough when the data breach occurred.

Meanwhile, up to 30,000 students at Iowa State University had their social security numbers compromised by hackers, The Des Moines Register (4/22/14) reports. A breach of university servers resulted in information from students in computer science, world languages and cultures, and materials science and engineering courses from 1995 to 2012. Although there is no evidence the information was stolen, it was compromised.

Students whose information was on the affected servers have been advised to monitor their financial reports.

A report from Verizon investigating data breaches raises concerns that the number of breaches is likely to increase in 2014. The report, “2014 Data Breach Investigations Report,” found that hackers are becoming efficient and organized and companies are struggling to keep up with them.

According to the report, in 2013 there were 63,437 incidents in which hackers breached a company’s security system. In 1,367 cases, personal information was stolen. There were also 200 incidents involving payment systems used in retail shops, hotels and restaurants. As Bryan Sartin, director of Verizon’s risk management team noted, there are organized criminal groups buying and selling personal information, not just teenagers having some fun.

Many times companies don't realize for months that their system has been compromised. When they do find out, it’s often when an outside group tells them, not because their own security measures have caught the leak. According to the report, only nine percent of victims (meaning the organizations whose security was breached) found the breaches on their own.