Data Breach Notices Show Tip of the Iceberg

d2d writes "The Data Loss Database has released a new feature: The Primary Sources Archive, a collection of breach notification letters gathered from various state governments as a result of data breach notification legislation. The documents include breaches that were largely unreported in the media, many of which are significant incidents of data loss. This lends credence to the iceberg theory of data-loss reporting, where many incidents never break the surface. Now, thanks to the Open Security Foundation, we can 'dive' for them."

Some highlights

[alain94040]

Some of my favorite highlights from recent incidents (I know, I shouldn't RTFM):

Names and Social Security numbers of at least 250,000 found through search engine
Date: 2008-12-02
Organizations: Florida Agency for Workforce Innovation

I guess there are many different ways you an innovate...

Social Security numbers of 341 posted on web
Date: 2008-12-04
Organizations: Economic Research Institute

If it's for research, then it's ok to post on the web...

Stolen laptop contains names and Social Security numbers of "several thousand " employees
Date: 2008-12-11
Organizations: Hewlett-Packard

If you thought only small time loser organizations like the first two on my list where subject to embarrassing data loss, that one would set you straight.

--
http://fairsoftware.net/ -- Software Bill Of Rights