A new study released by the Center for Media, Data and Society (CMDS) revealed that the main cause of European privacy breaches comes from an organization’s own errors, insider abuse and other internal mismanagement.
According to Phil Howard, Central European University Professor and director of the study, only 41 percent of incidents examined involved external attacks by hackers. Meanwhile, 57 percent of incidents were caused by administrative error, exposed online, stolen by insiders, or caused by missing hardware.
The study investigated 350 European breaches throughout a 10-year period, from 2005 to the third quarter of 2014, with specific speculation of the 229 incidents that directly affected the privacy of people in Europe
“We hear a lot of news stories about news hackers who break into systems and steal our personal information,” said Howard. “But that was the minority of incidents.”
Other key findings from the study included:
- 226 million personal records of people in Europe have been compromised in the last 10 years
- 89 percent of all records from examined breaches were lost by corporations, as opposed to governments or other kinds of organizations.
- Germany, Greece, Netherlands and Norway also have unusually high levels of privacy breaches
Howard suggests the best way to diminish these statistics is by implementing mandatory reporting, “When personal records get compromised, both companies and government should be required to report the possible privacy and breaches both to the victims and a privacy commissioner.”
“Most people don’t know who has legitimate access to their personal records, and they deserve to know when those records have been compromised,” said Howard.
The report adds that although Europe is moving towards the unified policy of data protection and requirements for reporting data breaches, there is still a major lack of information about exact cases and incidents.
Read More Here…