Data breaches best 2007 record

The ID Theft Resource Center reports 516 large security breaches, exceeding the total for 2007, partly due to an increase in companies' disclosures.

Robert Vamosi Former Editor

As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

See full bio

Robert Vamosi

Oct. 6, 2008 3:04 p.m. PT

There have been 516 large security breaches this year to date, according to the ID Theft Resource Center, with 30,382,786 consumers potentially exposed.

That number is significant, because it's greater than the record number of breaches reported in 2007, said the ITRC, which released its report (PDF) last week. Part of the rise is the result of increased disclosure to consumers affected by breached organizations, as required by state laws. The ITRC also attributed the increase to its ability to access state attorney general notification lists; these often contain breaches that were not reported via media or other sources.

However, the 30 million customers whose records have been exposed this year may not all be affected by ID fraud; the affected companies may provide credit monitoring services which may stop fraudulent activity before it spirals out of the control. Furthermore, there may be duplicates in the information listed. (One person's information may appear in multiple breaches.)

A February 2007 survey from Javelin Strategy and Research reported around 8 million actual victims of ID Fraud in the U.S., and the amount of fraud had decreased from 2006 to 2007.