The number of personal information leaks reported in the US this year have already eclipsed the total amount in all of 2007, according to the latest figures from the Identity Theft Resource Center (ITRC).

The agency found that 449 US businesses and government agencies have thus far reported lost or stolen customer and employee data. And there is still time left!!

Now, 449 is not a lot but it warns that the actual number is likely to be a lot higher because of under-reporting and the fact that some of these reported breaches, which affect multiple businesses, are listed as single events. "While the ITRC breach list reflects compromised records of more than 22 million, in more than 40% of breach events, the number of records exposed is not reported or fully disclosed. This means the number of affected records is grossly incomplete and unusable for any statistic or research purpose."

The agency does not indicate how high the number can be. Still, if there is a positive in this, it's that US companies might not be getting any better at securing personal details, but at least more are honest when they screw up. It's a start. Kind of.