[Dataloss] seriously flawed U Washington breach study

Jim Neister jneister at axistechnologyllc.com
Thu Mar 15 17:35:54 UTC 2007 

All good points. And...perhaps the thousands and thousands of people who
have been victims of ID theft were never able to find out from where the
thieves obtained their personal information, and thus what story can be
reported by the media?

-----Original Message-----
From: dataloss-bounces at attrition.org [mailto:dataloss-bounces at attrition.org]
On Behalf Of Bill Yurcik
Sent: Thursday, March 15, 2007 12:55 PM
To: dataloss at attrition.org
Subject: Re: [Dataloss] seriously flawed U Washington breach study


Adam:
       not much to confuse really,
       in the clip from the paper below the authors say the breach events
       were either lost from archives or they did not search well enough
       or media selection of which events to report is an explanation,
       well the simple fact is breach events were not being reported in
       the media to be found by the authors prior to the state
       breach disclosure laws which recently were legislated.

       thus the authors miss this primary point that breach
       events were not being announced by organizations to then be
       reported by the media. its a simple point but a dominant one that
       would appear to explain the dearth of events used in their study
       upon which they later make claims.

> *zero* breaches each year for the years 1988-91, 1993-94; less than 10 
> breaches each year from 1995-1999; and less than 25 breaches each year 
> from 2000-2004.

      Chris Walsh and I just had a thread on dataloss where we
      agreed that *even with* the recent data from state breach disclosure
      laws it is still hard to make general claims about breach disclosures
      although the situation is better with the data not worse.

Cheers! - Bill Yurcik

On Wed, 14 Mar 2007, Adam Shostack wrote:
>> On "page 22 of 31," starting from line 37:
>>
>> Several factors might explain the pattern of increasing incidents
>> and volume of compromised data over time. First, there is the
>> possibility that the results are skewed due to the relative growth
>> of new, fresh news stories devoted to this issue, and the loss of
>> older stories that disappeared from news archives as time
>> passed. Perhaps there have always been hundreds of incidents every
>> year, but only in recent years has the severity of the problem been
>> reported in the news. If this were the case, we would expect to see
>> a gradually decaying pattern with greater number of reported cases
>> in 2006 than in 2005, 2004, and so on. However, the dramatic
>> difference in reported incidents between later years and early years
>> suggests that this effect does not adequately explain ...
>>
>> So I'm confused by your claim that they don't recognize the issue.

> On Wed, Mar 14, 2007 at 05:35:33PM -0500, Bill Yurcik wrote:
> |
> | the authors did not identify (maybe because they did not recognize) how
> | incredibly bad their data is (years of data that are not even close),
> | they then went on to make bold claims! trash-in trash-out


_______________________________________________
Dataloss Mailing List (dataloss at attrition.org)
http://attrition.org/dataloss
Tracking more than 149 million compromised records in 598 incidents over 7
years.

More information about the Dataloss mailing list