Data breaches continue to hit the news yet are only a fraction of what is being reported. Some recent ones are Sony (more on this HERE … and yes I saw The Interview because of the press behind this) and Anthem (more on this HERE). The reasons why organizations don’t report a breach vary from the fear of having critical infrastructure confiscated (which today usually isn’t the case like it was in the past), have negative press or costs associated with an investigation. Hopefully these and other concerns don’t become barriers for reporting data crimes. The more criminals get away with crimes, more likely they will do it again with less concern of being caught.
One really good resource you can check out to learn more about known data breaches is datalossdb.org. The people at Open Security Foundation do a pretty good job keeping up with documenting data breaches as they become public. Here is a screenshot of some of the Latest Breaches from this website. As you see, the Anthem breach records loss stands out in this list.
Another cool chart on this website is the Largest Incidents report showing the number one breach as being a organization that has not publicly declared their identity.
To access details on a breach, you have to register with datalossdb.org, which is free to do. Once you register, you can see the dates specifics were recorded, record types involved with the case and so on.
What is also interesting is the section on statistics found by the security foundation organizations. For example, the next diagram shows the number of incidents over time. According to their findings, 2012 was the worst year for reported beaches.
There are many other interesting data points such as laws associated with a breach, search bars to see if a specific organization has been breached, etc. It is worth checking out.