would you rather find your own breach or have someone out you?

Look at that, another breach discovered by someone outside the victim company, this time affecting Dutch telecom KPN.

…a hacker broke into a Gemnet [KPN subsidiary] database after exploiting poor password policies set up on its PHPMyAdmin server… The article said the hacker came forward to prevent the kind of debacle DigiNotar created, but “he has also found evidence that he is not the first person who have gained access to the systems.”

We hear a lot of these reports of third-party notices of breaches. I wish we could correlate that better with how many get detected internally, though I imagine a good chunk of those are never discussed beyond the immediate team involved…