Bart Porter at (re)blog compiled a list of data breach greatest hits of 2009.  Many of the incidents have been noted on the Kanguru Blog including the MP3 Player containing US Army data, local school district mishaps and hospitals that lose USB thumbdrives.

The conclusion:

 There are many interesting details to note in this dubious line-up of data security breaches, including how many health care, government and education organizations are represented. Even more significant is how few business enterprises show up on the list. This may be a clear indication of what many in the data security industry realize and fear – that most businesses suffering a significant data security breach do not publicly acknowledge incidents as they occur.

We expect this to change as more and more data breach notification laws are enforced at the state level.  The landmark Massachusetts law will take effect in March, 2010.  Data encryption will become mandatory for portable devices that store customer or employee information.

Data Security