Every time a massive data theft or breaches happens, I keep kicking myself for not starting up that list of all such compromises that I promised myself I would start (and maintain here on ZDNet). The last one of these, which I think is also the largest, involved 26.5 million records containing the personal information of U.S. veterans. I don't think most people realize how bad the situation is which is why I thought a list would have more impact. The problem is compounded in some cases by the failure to report the theft or breach on a timely basis. In the case of the U.S. veteran data, the Veterans Administration (VA) didn't report the data for nearly three weeks.
. . .
What does any of this have to do with my headline. Well, I'm not going to bother making that list. That's because the Privacy Rights Clearing House already has one that lists the breaches that have been reported.
http://www.privacyrights.org/ar/ChronDataBreaches.htm There's no telling what ones haven't been reported. But I'll venture a guess that the list of unreported incidents far outnumbers the list of reported ones. Based on the size and frequency of these breaches (as well as brand names involved — brand names we assumed we could trust), theft of your identity doesn't appear to be an "if" question. If it hasn't happened already, it's just a question of when. A very sad state of the state if you ask me.
http://blogs.zdnet.com/BTL/?p=3102