Why we do this

[lyger <lyger () attrition org>]

http://attrition.org/dataloss/why.html

Tue Feb 20 21:01:22 EDT 2007


"Will you remove an entry from the Data Loss web page or DLDOS?"

On a few occasions, Attrition has been asked if we will remove a data loss 
entry. In many cases, a company's representative feels that since the 
incident wasn't conclusively proven to have had personal data compromised, 
it's imperitive that the listing of the company come down as well.

While this is certainly understandable, Attrition will not remove entries 
of companies with potential data loss incidents. There are several reasons 
for this -- primarily, Attrition's web page and database are services to 
the security community, just as a news outlet is. We report on data loss 
incidents, either confirmed or in question. As part of our reporting, we 
gather statistics and serve as a record.

Attrition's statistics, for instance, are a very valuable part of the 
service we provide. Our staff are often questioned on the subject of data 
loss incidents and current trends in the subject matter, and we have been 
even been asked by the United States government to assist with research 
regarding said incidents.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 149 million compromised records in 580 incidents over 7 years.