As you begin preparations for tax season you might not be feeling a lot of government love. In fact, with the economy the way it is right now, you might be feeling downright hostile. And as you review your household budget yet again for one more way to cut back on expenses, you might be dripping tears onto your keyboard.

Here’s some (sort of) good news from the Identity Theft Resource Center that might help you lighten up a little: Government agencies were responsible for only 16.7% of all data breaches in 2008.

And now the bad news (because when the subject is data breaches, there’s always going to be some bad news): There were 656 data breaches last year, representing a 47% increase in the number of data breaches that occurred in 2007.

Local, state and federal governments were to blame for a total of 110 information leaks last year. The causes for those data losses break down as follows:

• 28 resulted from the improper protection of information while traveling over the government network.
• 22 were attributed to insider theft.
• 20 occurred when employees accidentally exposed citizens’ information.
• 15 have been chalked up to subcontractors with sloppy systems security.
• 5 were the product of hackers.

Which federal agency wins the prize for the biggest bungling of data protection? The U.S. Army wins this dubious distinction for their inadvertent Internet posting of promotion selection lists that contained the names and Social Security numbers of more than 50,000 officers.

So, what does all this tell us? While you’re trimming your budget leave an extra $9 a month for Life Lock protection services. Enroll using the LifeLock discount code Defense for the lowest available price.

Baylor Health Care System is sending letters to the 100,000 patients whose personal information was on a laptop stolen from an employee’s car in September.

The Social security numbers of 7,400 of the patients were stored on the computer. For most of the patients, their information was limited to their names and medical codes.

The incident occurred when a manager, who has since been fired, left the laptop in her car. She had been using the laptop to take patient histories as she traveled from one health care facility to another. The manager was permitted to use the laptop for that purpose, but it was against Baylor Health Care System policy to ever leave the laptop in an unattended car.

Even before this incident, Baylor was upgrading their information security with new software that would enable them to track lost or stolen laptops, and to erase data from the computers remotely if the need ever arose.

Lost and stolen laptops (and other mobile data devices such as thumb drives and PDAs) are the most common cause of data breaches.

Since January 2005, at least 250 million records have been lost or stolen in data breaches. Experts agree that there is no longer a question of “if” someone will become a victim of identity breach, but rather it’s a question of “when”.

Like in the United States, the British are fond of using thumb drives for data storage and portability. But there’s at least one British worker must have learned a lesson about how dangerous they can be when his lost thumb drive was found in a pub parking lot a couple weeks ago.

On the USB device were the passwords and source codes for the British Department for Work and Pensions website used by 12 million of his countrymen for everything from making tax payments to paying parking tickets

If the site had been hacked using the source code on the lost thumb drive, the fraudster would have been able to access names, addresses, salaries, National Insurance numbers and credit card information.

A hacker would also have been able to divert tax money into private bank accounts, said Prevx employee Jacques Erasmus. Prevx is an Internet security firm.

Even though the data was password protected, Erasmus said it would be “relatively easy” to crack.
The 29-year-old information technology analyst worked for Atos Origin, a private company contracted to manage the government website.

Lost and stolen mobile data devices, including laptops, are responsible for most data breaches in the UK, according to a recent study sponsored by Symantec and PGP Corporation.

In the United States, nearly 250 million personal and financial records have been lost since January 2005. Twenty percent of US data breaches can be traced to lost or stolen laptops, PDAs, thumb drives and other portable devices.

The State Department has notified nearly 400 people that their passport applications may have been stolen, and the information used to commit identity theft and fraud.

It all started in March when the department discovered their employees had been snooping around in the passport applications of celebrities and presidential candidates Hillary Rodham Clinton, John McCain and Barack Obama.

Within a month of that disclosure, a 24-year-old man was arrested with 21 credit cards in different names, and eight passport applications. The names on four of the credit cards matched those of some of the applicants.

Lieutenant Q. Harris Jr. admitted he was part of an identity theft and credit card fraud crime ring, and was working with a State Department employee, and another employee of the US Postal Service.

Harris subsequently agreed to cooperate in the investigation, but was fatally shot just a few days after appearing in court.

Sean McCormack, a spokesman for the State Department, said the arrest had nothing to do with employees’ illegal snooping. He did say, though, that one employee had been fired as a result of the data breach. McCormack would not say how the passport applications were obtained.

The investigation into the credit card fraud and identity theft ring is ongoing and being conducted in cooperation with the Washington DC police department.  More passport applicants may be notified as the investigation continues.

Passport applications contain individuals’ names, Social Security numbers, physical descriptions, and the names and places of birth of the applicants’ parents.