The number of electronic data breaches fell last year according to a report from Verizon and the US Secret Service which also shows that the top target for e-record thieves remains the financial services industry.
Verizon says the decline in the overall number of breaches investigated for the annual report is "promising" but also warns of more insider threats, greater use of social engineering and the continued strong involvement of organised criminal groups - responsible for 85% of all stolen data.
An astounding 94% of all compromised records in 2009 were attributable to financial services. Firms in this industry also make up 33% of all breaches, compared to hospitality on 23% and retail, 15%.
Nearly half of breaches were attributed to users who, for malicious purposes, abused their right to access corporate information. An additional 40% were the result of hacking, while 28% were due to social tactics and 14% to physical attacks.
Over three quarters of victims subject to the PCI-DSS standard hadn't achieved compliance prior to the breach.
Verizon says that most breaches were avoidable if security basics had been followed with only four per cent of those assessed requiring difficult and expensive protective measures.
In addition, 60% continue to be discovered by external parties and then only after a considerable amount of time, says Verizon and while most victimised firms have evidence in their security logs, they often overlook them due to a lack of staff, tools or processes.