During the MVP Open Day in Munich last week (Friday & Saturday), we had a presentation by Talhah Mir (ACE Team, Threat Modeling blogs) on threat modeling - which (I hope) everyone is familiar by now. During the talk, he pointed us to an interesting resource: A Chronology of Data Breaches from the Privacy Rights Clearinghouse. Quite an interesting list of incidents, which gives you an idea of the ratio of actual hacking vs dishonest insider, as well as other types of security breaches.