2010 data breaches
Verizon's recent 2011 Data Breach Investigations Report (PDF) seems to show that very few records were exposed by data breaches in 2010. The report says that all of the breaches that Verizon investigated in 2010 only added up to about 3.9 million records that were exposed.
That doesn't mean that only 3.9 million records were exposed in 2010.
The Open Security Foundation's data breach database lists breaches in that year that exposed over 28 million records. So although the amount of data that was exposed through data breaches was lower in 2010 than it was in the previous few years, there was still a significant amount of data exposed. Much more than the 3.9 million that Verizon's investigators looked at.
Many people seem to be under the impression that the Verizon report covers all data breaches. The report itself clearly says that that's not the case, and that it just represents incidents that Verizon was hired to investigate, but lots of people don't seem to have read that particular part of the report.
From what I've seen so far, I'd actually guess that very few people have actually read the report itself. Instead, they've just read a few news stories that summarize its contents. If you only have a casual interest in data breaches, that might be enough. But if your interest is a bit more serious, you probably ought to read and understand what the report actually says.