Data Breach Resources
This section offers links to information about data breaches and the impact they can have on individuals and organizations. The resources presented here can help you stay informed and be better equipped to protect your organization, customers, employees and key stakeholders.
Organizations and Links
Databreachwatch.org provides up-to-date information on data breach alerts, articles, news and events. Security and privacy officers can rely on this single site for continually updated data on data breaches.
The FTC's website provides information on how affected organizations should deal with a data breach, including how to notify individuals whose data has been compromised and how to work with law enforcement.
The Secret Service investigates crimes associated with financial institutions, and has a long history of protecting American consumers and industries from financial fraud. It assists victims in contacting relevant investigative and consumer protection agencies and works with other federal, state and local law enforcement and reporting agencies to identify perpetrators.
The Privacy Rights Clearinghouse (PRC) is a nonprofit consumer and advocacy organization. The PRC site provides information on how individuals can protect their privacy and maintains an extensive chronology of data breaches reported since 2005.
The National Conferences of State Legislatures' website contains information on state security breach notification laws, recommended practices on notice of security breaches and general resources on state and federal laws that address policies and strategies for combating identity theft.
White papers, research reports and legislation
The Ponemon Institute, April 2008
New 2008 study on how response to a data breach impacts customer views and opinions that in turn effects retention and churn.
The Ponemon Institute
The Ponemon Institute surveys document the high costs that result when companies in the United Kingdom and United States lose customer data.
The Ponemon Institute, August 2005
This survey addresses the notification practices of U.S.-based business and government organizations when a data security breach occurs and personal information is either lost or stolen. In accordance with state laws, organizations are required to notify victims of a breach in a timely fashion.
The federal financial institution regulatory agencies and the Federal Trade Commission have released final rules on identity theft "red flags" and address discrepancies.
The President's Identity Theft Task Force, April 2007
CyberSource, 2008
Managing online fraud continues to be a significant and growing cost for merchants of all sizes. Total losses from online payment fraud in the U.S. and Canada have steadily increased as eCommerce continues to grow. The online fraud study analyzes benchmark data and practices.
The Better Business Bureau (BBB) and the American National Standards Institute (ANSI), January 2008
BBB and ANSI have teamed up to create a "one stop shopping" resource that would help arm businesses and other organizations with the tools they need to combat ID theft and fraud and protect consumers - and themselves - from the risks associated with these crimes.
ID Experts in Academia
ID Experts is dedicated to supporting academic research in the fields of identity theft and consumer and corporate fraud.
Learn more about ID Experts in Academia