How to Use the Chronology of Data Breaches


Send to PrinterSend to Printer

Introduction

Privacy Rights Clearinghouse has launched a much-improved and expanded Chronology of Data Breaches. In addition to updating our data, auditing our listings and adding new data sources, we’ve added several functional improvements. These improvements are designed to assist researchers, the media and everyday consumers to better understand trends within our data. This guide explains how these new features work and how to navigate through the Chronology. If you have additional questions after reading the guide, please email us at webmaster (at) privacyrights (dot) org.

Chronology: www.privacyrights.org/data-breach

Basics: What is the Sorting Feature and How to Use It

The Chronology provides sorting features, accessible here: http://www.privacyrights.org/data-breach#CP.

Currently, every breach incident is categorized according to the following criteria:

  • Type of breach. This describes what occurred that resulted in the disclosure. For example, was there a hacking incident?
  • Type of organization. This describes the type of companies or organizations involved in or responsible for the breach. For example, educational institutions are one type of organization while healthcare facilities are another.
  • Year. This is the year that the breach was made public. Please note that this is not necessarily the year the breach occurred, only the year it was revealed.

When a user arrives on the page, ALL of the boxes are checked and ALL of the breach incidents are shown.

To view the Chronology in its entirety, just scroll down.

To do a custom sort of the data, you should uncheck boxes that you do not want included in your results and then click “Go!” Results will provide both the number of breach incidents and number of records involved.

So, for example, if you would like to see all of the Government and Military breaches listed in the Chronology, simply uncheck the other types of organizations and then select “Go!”

Data Breach Basic

You can also exclude other data from the results. For example, you can unselect every type of breach except for Portable Device as well as unselecting every type of organization except for Government and Military. Now when you click “Go!”, the results displayed will show breaches between 2005-2010 of government and military organizations as a result of a lost, stolen or discarded portable device.

 

Basic info

 

Important tips to keep in mind:

  1. Remember, you must click “Go!” for your selections to take effect.
  2. Clicking the “Reset” button will automatically add check marks to every box, but you must select “Go!” for your selections to take effect.
  3. You must select at least one box from each of the 3 categories (Type of breach, type of organization and year). If you leave one category completely blank, you will get no results.


Visit Chronology: www.privacyrights.org/data-breach

Understanding Your Results – the Breach Subtotal

After you have conducted a custom sort of the data, you will notice a box appears directly below the sorting features. The box is called the “Breach Subtotal” – and it provides valuable information about your custom sort. Here is an example of a Breach Subtotal for a custom sort of all breaches affecting medical institutions from 2005-2010:

Annual

The Breach Subtotal provides you with:

  • A summary of your search criteria. It shows you the types of breaches, types of organizations and years included in your search results.
  • The number of records included in your custom sort (remember, only records that involve bank account information, credit card numbers or Social Security numbers are included in our total). In the above example, 14,518,914 sensitive records are in the results.
  • The number of breaches that fit your criteria. In the above example, 309 incidents are in the results.

Whenever you conduct a custom search, look to the Breach Subtotal to provide information about the results. To review individual data breach incidents, just scroll down below the Breach Subtotal.

Comparing Annual Data

One of the most useful features of the Chronology is the ability to quickly compare different data sets, especially annual data. To compare how data has changed from year to year, you can use the sorting function to display data for only one year at a time. Do this by unchecking all of the boxes except for the year(s) you want included, then click “Go.” Remember, you must click “Go” for changes to take effect.

years

The ability to compare annual data is particularly useful when understanding trends in data breaches over time. Some of the information that can be garnered from these types of searches includes:

  • Whether the annual number of data breach incidents is increasing or decreasing
  • Whether the annual number of records breached is increasing or decreasing

Visit Chronology: www.privacyrights.org/data-breach

Comparing Types of Organization

The Chronology provides researchers and consumers the ability to compare breaches that occur in different types of organizations. For example, one can do a custom sort to see breaches that occur at just educational institutions or just at healthcare providers.

The data can be sorted by unchecking the organizations you don’t want included in your results. Then hit “Go!” to see your results.

 

organizations

 

You can compare breaches by one type of organization to breaches by another easily by repeating this search and selecting a different organization type to focus on.

The ability to compare organization data is vital when searching for patterns in data. Some of the information that can be garnered from this type of analysis includes:

  • Whether certain types of organizations are more likely to show up in the Chronology than others – either because they experience more breach incidents or because the reporting requirements for this type of organization are more stringent
  • Whether, on average, the breaches of certain types of organizations contain more personal records that other types of organizations
  • Detailed reports on the type of breaches and data trends typical to one type of organization, such as government and military


Visit Chronology: www.privacyrights.org/data-breach

Comparing Types of Breaches

The Chronology provides researchers and consumers the ability to compare different types of breaches. For example, one can sort the data so that only breaches that occur as a result of hacking will be displayed.

The data can be sorted by unchecking the types of breaches you don’t want included in your results. Then hit “Go!” to see your results.

breaches

You can compare one type of breach to another easily by repeating this search and selecting a different breach type to focus on.

Some of the information that can be garnered from these types of searches includes:

  • Whether certain breach types occur more frequently than others in the Chronology – either because they are the most frequent type of breach or they are the most likely to be reported.
  • Whether, on average, some types of breaches include a larger number of sensitive records than others.

Visit Chronology: www.privacyrights.org/data-breach

Custom Sort

The improved sorting and searching features of the Chronology also provide researchers and consumers the ability to create custom sorts. By sorting the data, you can find trends and patterns within the data. Some example ways to process the data:

  • Compare whether unintended disclosures accounted for more medical data breaches in 2008 than 2009.
  • See if reported hacking incidents of government and military databases are increasing or decreasing over time.
  • Find out what types of breaches affect financial companies most frequently from year to year.
  • Analyze the frequency and size of data breaches that occur as a result of portable device compromise v. stationary device compromise v. physical document compromise.
  • Identify trends in breaches affecting educational institutions – whether they are increasing or decreasing and what is the most typical type of breach affecting them.

Visit Chronology: www.privacyrights.org/data-breach

Searching for a Company by Name

Consumers and researchers can also search for the name of a particular company to see whether it has been affected by a breach. Simply enter a name (or one word of the name) of a company or organization into the search box above the Data Breach Chronology, then select “Search.”

name

Visit Chronology: www.privacyrights.org/data-breach

Displaying the Chronology by Number of Records

The Chronology can be organized from largest breach (most records breached) to smallest breach (fewest records breached) and vice versa. From www.privacyrights.org/data-breach#CP, scroll down to just below your search options and look for the horizontal shaded bar. Click on the words “Total Records.” Click again to reverse it.

totalrecords

Visit Chronology: www.privacyrights.org/data-breach

Displaying the Chronology by Date

One of the interactive features of the Chronology is the ability to display the breaches by chronological or reverse chronological order. From www.privacyrights.org/data-breach#CP, scroll down to just below your search options and look for the horizontal shaded bar. Click on the words “Date Made Public.” Click again to reverse it.

chronological

Visit Chronology: www.privacyrights.org/data-breach



X

Sign In!

Loading