Open AccessA Case of Mistaken Identity? News Accounts of Hacker, Consumer, and Organizational Responsibility for Compromised Digital Records
Author(s) -
Erickson Kris,
Howard Philip N.
Publication year - 2007
Publication title -
journal of computer‐mediated communication
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 4.15
H-Index - 119
ISSN - 1083-6101
DOI - 10.1111/j.1083-6101.2007.00371.x
Subject(s) - hacker , backup , identity theft , data breach , internet privacy , personally identifiable information , business , computer security , public relations , political science , computer science , database
The computer hacker is one of the most vilified figures in the digital era, but to what degree are organizations actually responsible for compromised personal records? To examine the role of organizational behavior in privacy violations, we analyze 589 incidents of compromised data between 1980 and 2006. There were more reported incidents in 2005 and 2006 than in the previous 25 years combined. Excluding a particularly large security breach at Acxiom, hackers account for the largest volume of compromised records, some 45%, while 27% of the volume is attributed to organizational mismanagement and 28% remains unattributed. In terms of incidents, 9% were an unspecified type of breach, 31% of the incidents involved hackers, and 60% of the incidents involved organizational mismanagement: personally identifiable information accidentally placed online, missing equipment, lost backup tapes, or other administrative errors. Options for public policy oversight are discussed.