Enabling Secure Business Operations

Read This, Not That (a busy news week)

July 28th, 2010

Most of the BlackHat 2010 talks aren’t off the ground yet and already this week has been busy for news and announcements. We already noted the DMCA updates earlier this week (which have been grossly over-hyped – see why that is here). Now on to the bigger story. No, it’s not Apple’s mouse-killer, nor is it the plethora of next-gen batteries that are now available (Apple, Toshiba (for cars), etc.). Nor is it the BlackHat talk about intercepting GSM-based mobile communication, nor is it the availability of cloud-based WPA/WPA2 cracking services, nor is it the publication of a 2.8GB database of information collected from public Facebook pages (see Joey’s commentary for more).

In my mind, the biggest, most important news this week is the release of the 2010 Verizon Business Data Breach Investigations Report (DBIR), which includes data from Secret Service investigations. It’s too lengthy to provide a reasonable summary here and now, but I wanted to bring this to your attention. If you read only one data breach report this year, then it should be the Verizon DBIR 2010.

Incidentally, if you’re looking for another data breach report to read, check out the one recently released by the Digital Forensics Association, “The Leaking Vault – Five Years of Data Breaches.” It does not present any new data, but rather provides a fresh and interesting analysis of a compilation of existing data breach repositories (primarily DatalossDB.org).

285 Million Compromised Records

April 15th, 2009

Verizon Business has released their 2009 Data Breach Investigations Report [pdf] and an accompanying blog post.

2008 was a crazy year in the world of data breaches… The percentage of breaches in our caseload involving financial service organizations, targeted attacks, and customized malware all doubled in 2008. It’s sure to win me the “Captain Obvious Award” from the Securitymetrics list, but organized crime activity increased and was responsible for over 90% of the 285 million records compromised.

The report is sure to be a good read. We linked last year’s report, and this year’s report has some improvements–it is based on more data that was collected more often, and goes into a lot more detail than the previous report. 285 million is a lot of compromised records. Wonder if mine was one of them.