Keeping track of idtheft victims of breaches

["Sasha Romanosky" <sromanos () andrew cmu edu>]

Hey everyone, 

I'd like to start keeping a record of those stories that cite actual numbers
of identity theft victims from data breaches. 

I realize it's difficult to know, and there's much room for error, but it
seems to me there is currently no record -- even a bad one -- of this kind
of information. It also gives those interested a place to follow up for more
detail. 

I have to think other people would be interested in these stories, too. To
that end, I'd like to ask that if you come across any studies or articles
(and if they're appropriate for this list) that you forward them on.
Otherwise, please feel free to send them to me. 

Thanks a bunch, 
sasha


> From checking some of my notes, I know of the following: 
- Choicepoint: 2900 (GAO-07-737)
- UnitedHealthcare: 155,
http://www.networkworld.com/news/2008/060308-unitedhealthcare-data-breach-le
ads-to.html?code=nlsecuritynewsal142524
- And in aggregate, the 3 studies I listed in my WEIS paper (Table 2).


_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml