September 2011: Over 10m US Personal Records Potentially Compromised

More than 22 million for the year so far

2 min read
September 2011: Over 10m US Personal Records Potentially Compromised

A recent press release by the identity-theft protection company IdentityHawk reports that this past September, they counted 54 data breaches that saw 10,461,621 records potentially compromised, as compared to August, which had 44 reported data breaches and 678,614 records reportedly placed at risk. According to the latest count (PDF) at the Identity Theft Resource Center, as of the 18th of October, there have been 327 reported data breaches originating in the US so far this year resulting in 22,237,610 potentially compromised records.

A potentially compromised record is defined by the Identity Theft Resource Center as:

"... an event in which an individual’s name plus Social Security Number (SSN), driver’s license number, medical record, or a financial record/credit/debit card is potentially put at risk - either in electronic or paper format."

As a comparison, last year the Identity Theft Resource Center reported a total of 662 breaches resulting in 16,167,542 potentially compromised records. The year 2009 still hold the record with over 222 million records potentially compromised, mostly due to the Heartland Payment and US veterans' records data breaches.

According to the IdentityHawk release, about 27% of the data breaches reported so far this year were from known hacking.

Some compromised records that have not yet been added to the Identity Theft Resource Center are the 2,000 or so personal records of police officers were acquired by hacktivists claming to be from Anonymous in support of the Occupy Wall Street protests.

According to this story in ComputerWorld, the hacktivists:

"... attacked web sites in Massachusetts and Alabama, including the Boston Police Patrolmen's Association, International Chiefs of Police (IACP), sites run by forces in Birmingham and Jefferson counties in Alabama, and a web company called the Matrix Group which manages the sites."

"In addition to web defacement, the raid netted the attackers 600MB of data from the IACP, including the names and passwords for 1,000 Boston police staff, and the names, addresses, ranks, social security numbers, and phone numbers for another 1,000 officers in Alabama."

The hacktivists claimed that the attack was in response to "acts of aggression" against Occupy protestors. Attacking police web sites in retaliation for perceived police wrong-doing is becoming a common tactic by Anonymous members or followers.


Photo: iStockphoto

The Conversation (0)

How Police Exploited the Capitol Riot’s Digital Records

Forensic technology is powerful, but is it worth the privacy trade-offs?

11 min read
 Illustration of the silhouette of a person with upraised arm holding a cellphone in front of the U.S. Capitol building. Superimposed on the head is a green matrix, which represents data points used for facial recognition
Gabriel Zimmer

The group of well-dressed young men who gathered on the outskirts of Baltimore on the night of 5 January 2021 hardly looked like extremists. But the next day, prosecutors allege, they would all breach the United States Capitol during the deadly insurrection. Several would loot and destroy media equipment, and one would assault a policeman.

No strangers to protest, the men, members of the America First movement, diligently donned masks to obscure their faces. None boasted of their exploits on social media, and none of their friends or family would come forward to denounce them. But on 5 January, they made one piping hot, family-size mistake: They shared a pizza.

Keep Reading ↓Show less