The following articles gives information on the percentage of US
corporations that are broken into by hackers .
Quote CNN.com - Hacker vigilantes strike back (by Pia Landergren),
"A recent FBI study finds 85 percent of respondents detected computer
security breaches during the past year. The survey drew responses from
538 security experts in various U.S. corporations and government
agencies. Sixty-four percent suffered financial losses due to security
breaches, and 186 respondents report a total loss of almost $378
million. Thirty-eight percent of respondents detected denial of
service attacks , compared to 27 percent last year."
The next article goes into great lengths discussing trends in US
corporations, backed up by statistical data:
Quote TheBusinessForum - Cyberattacks! Trends in US Corporations (by
"A survey by the Computer Security Institute and the FBI found that 62
percent of respondents reported a breach in 1998, up from 42 percent
in 1996. Cyberattacks range from defacing a website to stealing
valuable information; however, they can cost corporations a
significant amount of money in goods, reputation, and time. (...) A
DataPro Information Services study estimated that the average hacker
attack costs companies $500,000."
"In 1999, CERT states that 8,268 incidents were reported. These
incidents were reported with greater frequency than in the past. For
example, in 1998, only 3,734 incidents were reported. Therefore, the
number of reported incidents doubled in just one years time. (CERT,
The article points out that many corporations "chose not to report
attacks to protect their reputations". (The statistical data should
therefore be especially relevant to determine relative trends, as
opposed to absolute figures.)
On how corporations are affected:
"(...) a survey by Ernst & Young and Information Week indicates that
more than half of its respondents reported financial losses from
cyberattacks. Further, each breakdown exceeded $100,000 and
approximately 17 respondents suffered losses of more than $1 million
as a result of a single security breach. (Alexander, 1995). More
recent statistics suggest that fighting viruses cost businesses
worldwide $7.6 billion in the first year of 1999. (Futurework, 1999)
In addition, a DataPro Information Services study estimated that the
average hacker attack costs companies $500,000. (Lowry, 1999)"
This article is a great resource with many more figures. It is backed
up about two dozen cited works. It is also going into great detail on
the percentage of ex-employees involved, like you asked about (see
The following article collects many different resources into a
statistical overview of what you seek:
SecurityStats.com - Computer Security Spending Statistics
Quoting the Computer Security Institute (March 2001)
"- 85% (primarily large corporations and government agencies) detected
computer security breaches within the last twelve months
- 64% acknowledged financial losses due to computer breaches
- 35% (186 respondents) were willing and/or able to quantify their
financial losses. These 186 respondents reported $377,828,700 in
financial losses. (In contrast, the losses from 249 respondents in
2000 totaled only $265,589,940. The average annual total over the
three years prior to 2000 was $120,240,180.)
- The most serious financial losses occurred through theft of
proprietary information (34 respondents reported $151,230,100) and
financial fraud (21 respondents reported $92,935,500)"
Also relevant to your request are the following pages on same site:
SecurityStats.com - General Information Security Statistics
SecurityStats.com - Web Defacement  Statistics
So-called worms  are mostly not tailored to attack a specific
organization, but due to their nature can bring down the IT services
of a company.
Quote Advanced Logic Industries:
"- Computer Economics estimates that the Code Red worm and its
variants have infected 760,000 servers worldwide to the tune of $2.05
billion in system repairs and lost productivity.
- The "Love Bug" attacks, including the 50-plus variants of the virus
that rampaged through systems worldwide in May 2000, have cost
businesses up to $8.7 billion in lost productivity and system repairs"
I hope this helps!
 In accordance with most of the press releases, I did not
differentiate between "hacking" and "cracking", even though the latter
more precisely denotes malicious break-ins (that is, those where data
is corrupted, or acquired information sold).
Quote TechTarget.com's definition of "cracker":
"The term "cracker" is not to be confused with "hacker". Hackers
generally deplore cracking. However, as Eric Raymond, compiler of The
New Hacker's Dictionary notes, some journalists ascribe break-ins to
 Definition of "Denial of Service" (DoS) attack at Techtarget.com
"an incident in which a user or organization is deprived of the
services of a resource they would normally expect to have. Typically,
the loss of service is the inability of a particular network service,
such as e-mail, to be available or the temporary loss of all network
connectivity and services."
 More on Web Defacement at SearchWebManagement.com
"Web site defacements jumped from 4,393 to 22,379 last year"
 Definition of "Worm" at Techtarget.com
"A worm is a self-replicating virus that does not alter files but
resides in active memory and duplicates itself. (...) It is common for
worms to be noticed only when their uncontrolled replication consumes
system resources, slowing or halting other tasks."
percentage "us corporations" hacker