Channels ▼


2010 Data Breach Investigations Report

Verizon has released its 2010 Data Breach Investigations Report this year, a study conducted by the Verizon RISK teak in cooperation with the United States Secret Service.

Among the findings are that 70% of data breaches resulted from external agents,48% were caused by insiders, 11% implicated business partners, and 27% involved multiple parties.

Among the data breaches studied, 48% involved privilege misuse, 40% resulted from hacking, 38% utilized malware, 28% employed social tactics, and just 15% comprised physical attacks.

Other interesting findings are that 98 of all data breached came from servers, 85% of attacks were not considered highly difficult, 61% were discovered by a third party, 86% of victims had evidence of the breach in their log files, 96% of breaches were avoidable through simple or intermediate controls, and 79% of victims subject to PCI DSS, a set of comprehensive requirements for enhancing payment account data security, had not achieved compliance.

Tthe 2010 Data Breach Investigations Report is the third installment in Verizon's series. The 2008 DBIR was a retrospective covering four years (2004-2007) of Verizon’s caseload in one massive data collection effort. The 2009 report opened the door to more active observation, greater detail, and new areas of study. This year's report adds the contributions (in data and expertise) of the United States Secret Service (USSS). The Verizon IR team worked over 100 cases in 2009; 57 of them were confirmed breaches. The 257 qualified cases in the USSS dataset included 84 cases from 2009, 102 cases from 2008, and 71 cases from 2007. The primary dataset analyzed in the report contained the 141 (57 + 84) confirmed breach cases worked by Verizon and the USSS in 2009

The complete report can be downloaded here.

Related Reading

More Insights

Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.