International Journal of Public Information Systems

Abstract

The topic of data breaches, protection of information and data security salient to business and criminal justice researchers, practitioners in all profit and nonprofit organizations, consumer advocate groups and legislators throughout the world. This article analyzes the trends in data breaches in the United States and classifies them into five general industry sectors and eighteen sub-sectors using a new model recently developed by the authors and also provides basic recommendations for information and security personnel in every industry throughout the world to use to improve data protection and thus help protect public information for consumers and all types of organizations. The 2,280 data breaches tracked by the Privacy Rights Clearinghouse from 2005 through 2010 were used in the study. The findings indicate that the trends for the annual number of data breaches for the five general industries and their sub-sectors have increased, although inconsistently, over the six-year period. The analysis and classification of data breaches by general and sub-sector industries with the use of this new data breach model provides an awareness of the data breach problem for information managers and security personnel in public and private sector organizations throughout the world and also provides a workable methodological framework to help them develop innovative and useful policies for safeguarding personal information of consumers, clients, employees and other entities. The topic of data breaches and information management remains salient to business and criminal justice researchers, practitioners in all profit and nonprofit organizations, consumer advocate groups and legislators throughout the world.

Keywords – Data breaches, public information, data protection, identity theft.

References

Federal Trade commission (2012), “Consumer Sentinel Network Data Book”, available at

http://www.ftc.gov/opa/2012/02/2011complaints.shtm accessed on August 1, 2012.

Holtfreter, R. & Harrington, A. (2012), “Breaking Breach Secrecy, Part 3”, Fraud Magazine, Vol. 27, No. 1, pp. 40-50.

Holtfreter, R. & Harrington, A. (2011), “Breaking Breach Secrecy, Part 1 – Corporations Need to Publicize Breaches”, Fraud Magazine, Volume 25, No. 5, September/October, 2011.

Holtfreter, R. & Harrington, A. (2012), “Breaking Breach Secrecy, Part 2 - Gauging the Effectiveness of Data Breach Notification Legislation” Fraud Magazine, Volume 25, No. 6, November/December, 2011.

Identity Theft Resource Center® (ITRC, “Data Breaches”, available at www.idtheftcenter.org.

Privacy Rights Clearinghouse (2012), “Chronology of Data Breaches”, Privacy Rights Clearinghouse, available at http://www.privacyrights.org/data-breach.

Verizon Business (2012), “Data Breach Investigations Report”, available at www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf, accessed on August March 1, 2012.