Home Identity Theft Report Highlights Number of Data Breaches in 2010, Need for Better Reporting

Identity Theft Report Highlights Number of Data Breaches in 2010, Need for Better Reporting

In an effort to highlight the risks of identity theft and to argue for a centralized database reporting site, the non-profit Identity Theft Resource Center (ITRC) has released its statistics on the number of data breaches in 2010. The center recorded 662 data breaches last year, noting that the figures are probably under-reported as in many cases there are no requirements for data breaches to be reported.


The ITRC defines a data breach as an event in which an individual’s name plus Social Security Number, driver’s license number, medical record, or a financial record (including credit card information) is potentially put at risk – either in electronic or paper format.

62% of those breaches reported exposed Social Security Numbers, and 26% involved credit or debt card information.

15.7% of the data breaches involved state and federal agencies and the military. Medical and health care facilities accounted for 24.2%, educational institutions accounted for 9.8% and the banking industry, 8.2%. That leaves businesses as the largest percentage of breaches – 42.1%.

Malicious attacks, according to the report, account for more breaches than human error – the former constitutes about 17% of breaches, while the latter, just 15%. However, almost 40% of those breaches reported did not identify the manner in which information was exposed.

Although the risks of hacked databases often make headlines, the report finds that paper breaches account for nearly 20% of known breaches.

Only 200 of the 662 breaches were credited to information provided by states and agencies with mandatory reporting.


“It is apparent, with few exceptions, that there is no transparency when it comes to reporting breaches,” said the ITRC in a statement to the press. “Other than breaches reported by the media and a few progressive state websites, there is little or no information available on many data breach events. It is clear that without a mandatory national reporting requirement, that many data breaches will continue to be unreported, or under-reported.”

As we’ve noted before, data security is likely to be an important trend for 2011. The ITRC report makes clear that this isn’t simply a matter of developing policies to secure information. It’s also about developing a better system – and a mandatory system – for notifying customers of data breaches.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.