Out-Law News 1 min. read
07 Nov 2013, 4:26 pm
Javelin Strategy & Research (Javelin) said that the figures highlighted the "disturbingly high rate" of people whose data had been compromised and who had also fallen victim to identity fraud.
According to the report, 15.8 million US consumers had their payment card data compromised in a data breach last year and 4.4m of those affected suffered fraud on existing credit or debit cards.
Identity fraud was experienced by 1.26m Americans who were told their social security numbers were compromised in a data breach, it said, whilst 270,000 consumers who had their online banking login details compromised suffered fraud on their accounts.
"By breaching the data stores of businesses in the financial, healthcare and retail industries, criminals can obtain the fuel they need to execute various fraud schemes, and these crimes have crippling consequences," said Al Pascual, senior analyst of security, risk and fraud at Javelin. "Identifying and protecting the sensitive information typically stored by these industries is essential for mitigating the risk of a data breach and, therefore, the risk of financial loss to data custodians, consumers and third-party businesses."
Javelin said that retailers, banks and other businesses should take steps to protect data at rest on their systems. The organisations should locate and identify sensitive data, such as bank account details and payment card data, and classify the information in order to "ease efforts to control the access, routing, and storage of different types of data".
The security measures applied to data should be "commensurate to the risks associated with the loss of respective categories of data" and companies should "implement and enforce policies designed to prevent unprotected data from being stored outside of approved locations", it added.