There is a very interesting article posted at regarding major data breaches and thefts.  The article can be found here.

The author, quoting James Lewis, director of the technology and public policy program at the Center for Strategic and International Studies, makes the point that the list of breaches would be much larger if smaller breaches were reported.

So how many breaches go unreported?  Well, nobody knows for sure but the number would almost certainly be staggering.  With new federal requirements poised to go into effect, we may start to have a better idea of just how many breaches occur.  At the very least, we may have a way to track those breaches that are actually reported.