It seems to me that many of the security “breaches” out there are not “data breaches” at all. Take the AIGand the VA cases. The thief (thieves?) stole the equipment for the hardware, not the data.
The value of the data in these cases is unbelievable. I was told that accurate, non-public personal data can fetch $40 a record. At 1 million records (AIG) and 26 million records (VA) respectively, that's better than many mega-millions jackpots! (If $40 a record is incorrect, even at $1 a record it's a significant amount of money.)
There is one good reason to suspect it is about the hardware and not the data. A data thief would most likely try to steal the data in such a way as to remain undetected. In other words, they would leave the hardware alone (unless they damaged it). Linux boot disks, such as Sleuthkit, come to mind.
Unfortunately, the crooks will wise up sooner or later.
Popularity: 3%
