The TJX Corporation, parent to discount chains TJ Maxx and Marshalls, has settled a series of lawsuits with banks over the data breach that compromised the credit card accounts of nearly 100 million shoppers.
More than 218 million "records containing sensitive personal information [have been] involved in security breaches in the U.S. since January 2005.
--Privacy Rights Clearinghouse

Data Breach Resources

This section offers links to information about data breaches and the impact they can have on individuals and organizations. The resources presented here can help you stay informed and be better equipped to protect your organization, customers, employees and key stakeholders.

 

Organizations and Links

Data Breach Watch

Databreachwatch.org provides up-to-date information on data breach alerts, articles, news and events. Security and privacy officers can rely on this single site for continually updated data on data breaches.

Federal Trade Commission

The FTC's website provides information on how affected organizations should deal with a data breach, including how to notify individuals whose data has been compromised and how to work with law enforcement.

U.S. Secret Service

The Secret Service investigates crimes associated with financial institutions, and has a long history of protecting American consumers and industries from financial fraud. It assists victims in contacting relevant investigative and consumer protection agencies and works with other federal, state and local law enforcement and reporting agencies to identify perpetrators.

Privacy Rights Clearinghouse

The Privacy Rights Clearinghouse (PRC) is a nonprofit consumer and advocacy organization. The PRC site provides information on how individuals can protect their privacy and maintains an extensive chronology of data breaches reported since 2005.

National Conferences of State Legislatures

The National Conferences of State Legislatures' website contains information on state security breach notification laws, recommended practices on notice of security breaches and general resources on state and federal laws that address policies and strategies for combating identity theft.

White papers, research reports and legislation

Consumer's Report Card on Data Breach Notification

The Ponemon Institute, April 2008
New 2008 study on how response to a data breach impacts customer views and opinions that in turn effects retention and churn.

2007 Annual Study: U.S. Cost of a Data Breach - November 2007
2007 Annual Study: U.K. Cost of a Data Breach - February 2008

The Ponemon Institute
The Ponemon Institute surveys document the high costs that result when companies in the United Kingdom and United States lose customer data.

The National Survey on Data Security Breach Notification

The Ponemon Institute, August 2005
This survey addresses the notification practices of U.S.-based business and government organizations when a data security breach occurs and personal information is either lost or stolen. In accordance with state laws, organizations are required to notify victims of a breach in a timely fashion.

Fair and Accurate Credit Transactions Act: Identity theft red flags and address discrepancies, 63718-63775-[07-5453]

The federal financial institution regulatory agencies and the Federal Trade Commission have released final rules on identity theft "red flags" and address discrepancies.

Combating Identity Theft: A Strategic Plan

Volume II: Supplemental Information

The President's Identity Theft Task Force, April 2007


Online Fraud Report

CyberSource, 2008
Managing online fraud continues to be a significant and growing cost for merchants of all sizes. Total losses from online payment fraud in the U.S. and Canada have steadily increased as eCommerce continues to grow. The online fraud study analyzes benchmark data and practices.

Identity Theft Prevention and Identity Management Standards Panel: Report and Webinar

The Better Business Bureau (BBB) and the American National Standards Institute (ANSI), January 2008
BBB and ANSI have teamed up to create a "one stop shopping" resource that would help arm businesses and other organizations with the tools they need to combat ID theft and fraud and protect consumers - and themselves - from the risks associated with these crimes.

ID Experts in Academia

ID Experts is dedicated to supporting academic research in the fields of identity theft and consumer and corporate fraud.

Learn more about ID Experts in Academia