Fiscal 2006 Information Security Incident Survey Report
(Security Incident Investigation Working Group)

<Information Leakage: Projected Damages and Observations>

This report represents the fifth survey analysis of personal information leakage incidents/accidents (“incidents”) conducted by the JNSA Security Incident Investigation Working Group. As with the prior year's report, the fiscal 2006 report utilizes the same survey methodology established in the fiscal 2003 report.

A total of 993 information leakage incidents were publicly reported during fiscal 2006, practically the same number of incidents reported during the prior year (1,032). In contrast, 22 million individuals were affected by information leakage incidents during 2006, representing a two-and-one-half fold increase compared to the 8.8 million individuals affected during the prior year. In other words, while the number of information leakage incidents remained on par with the prior year, the number of individuals affected grew significantly.

In this report, we provide statistics and analyses of personal information leakage incidents that occurred during 2006, including an analysis of the causes behind these significant trends.

Security Incident Investigation Working Group

WG Leader: Hisamichi Otani, NTT DATA Corporation
Contributing Members to this Report: Hironori Omizo, JMC Risk Management Co.,Ltd.
Tomoharu Sato, BroadBand Security, Inc.
Yasuhiko Sato, Microsoft Co., Ltd.
Masayuki Hiroguchi, Ricoh Human Creates Co., Ltd.
Shiro Maruyama, LAC: Little eArth Corporation Co., Ltd.
Tadashi Yamamoto, Sompo Japan Risk Management, Inc.
Tetsuya Yoshida, Kanematsu Electronics Ltd.
Naoyoshi Yasuda, dit Co., Ltd.
Eiji Yamada, dit Co., Ltd.