NEW YORK -- (BUSINESS WIRE) -- In conjunction with National Bracket Day, the nationwide phenomenon celebrating the upcoming NCAA Division I Men’s Basketball Championship, TeamSHATTER, the research arm of Application Security, Inc. (AppSecInc) today unveiled its “2012 Higher Education Data Breach Madness” bracket. In its third year, the bracket is a graphical representation of reported data breaches in the higher education vertical throughout the United States.
“Data Breach Madness is a fun and timely way to raise awareness of the higher education security landscape and the challenges those institutions face,” states Thom VanHorn, Vice President, Marketing, AppSecInc. “University environments are susceptible to breaches due to factors like easy-to-guess passwords and outdated infrastructures and as a result put students, alumni and employees at risk. Often times, our nation’s colleges and universities can be a playground for young hackers, testing their skills.”
The past year has seen a substantial uptick in the amount of total records breached. In 2012, there was a dramatic increase in the total number of reported records affected (1,977,412), but a relatively low amount of institutions (51) that reported breaches. In fact, the past year has seen the most reported compromised records in the higher education sector since 2006, based on data since tracking began in 2005.
The unwanted distinction of suffering the largest reported data breach in 2012 by a U.S.-based institution of higher learning came from the University of Nebraska, which reported a breach of 654,000 records on May 25, 2012. Rounding out the 2012 Higher Education Data Breach Madness “Final Four” were the University of North Carolina (350,000), Arizona State University (300,000) and Northwest Florida State College (279,000).
The University of Nebraska became the 25th higher education institution since 2005 to report a data breach in excess of 100,000 records. In fact, all four institutions in the 2012 “Final Four” eclipsed 100,000 stolen records, which is a first since 2009.
According to the Ponemon Institute’s most recent "Annual Study: U.S. Cost of a Data Breach" (March 2012), the findings showed that the average cost to organizations per compromised record was $194, though in the education vertical the average cost was far lower at $142 per record. However, based on the lower education average, the University of Nebraska data breach could cost the university over $92 million.
The "winner" of last year’s ‘Madness’ was Virginia Commonwealth University (VCU), which suffered a breach consisting of a reported 176,567 compromised records. In 2011, there was a substantial dip in reported breaches (48) and compromised records (478,490). UCLA still holds the record with 800,000 compromised records, reported in 2006.
“When we look back at the higher education data breaches in 2012, we can see that the hackers are clearly getting smarter at stealing data,” states Alex Rothacker, Director of Security Research, AppSecInc’s TeamSHATTER. “The reported breaches remain on the low side, yet the stolen data is over three times what we saw in 2011.”
Based on publicly reported data breaches compiled by Privacy Rights Clearinghouse, the Data Breach Madness bracket’s reflected outcome is specific to the total number of records breached at each higher education institution. The larger the breach, the further each institution went on in the "tournament", until an eventual "champion" was crowned.
To view the 2012 Higher Education Data Breach Madness bracket and learn more about the history of data breaches in the higher education market please visit: http://tinyurl.com/cvgqxyh
AppSecInc will also be hosting a webinar titled, “2012 Higher Education Data Breach Madness” on March 19th at 11:00 AM ET. To register, please visit: http://tinyurl.com/bhf728b
About Application Security, Inc.
AppSecInc is a pioneer and leading provider of database security solutions for enterprise of all sizes. By providing easy to deploy and manage, highly scalable software-only solutions – AppDetectivePro for security and risk professionals, and DbProtect for the enterprise – AppSecInc helps customers achieve unprecedented levels of data security, while reducing overall risk and helping to ensure continuous regulatory and industry compliance. Used by more than 1,300 active commercial and government customers worldwide, our proven and award-winning enterprise solutions are backed by the world’s most comprehensive database security knowledgebase from the company’s renowned team of threat researchers, TeamSHATTER.
DbProtect and AppDetectivePro are trademarks of Application Security, Inc. All other product names, service marks, and trademarks mentioned herein are trademarks of their respective owners.