
Database obfuscation

The database community has examined the problem of mining aggregate data while protecting privacy at the level of individual records. One approach is to randomly perturb the values in individual records [1,2] and compensate for the randomization at the aggregate level. This approach is potentially vulnerable to privacy breaches. If a data item is repeatedly submitted and perturbed (differently each time), much information about the original value can be inferred. In our context, an attacker could intentionally probe the same IP address using the same attack strings. If the (randomly perturbed) reports of the attack are disambiguated from other alerts based on the attack's unique statistical aspects, the attacker can use them to learn important details of the original alert.
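The leak described above can be seen in a small simulation. This is an added example, not code from the paper; it assumes the perturbation is zero-mean additive uniform noise, and `NOISE_WIDTH`, the sample values and the fixed-noise contrast function are constructed for illustration.

```python
import random
import statistics

NOISE_WIDTH = 50.0  # assumed noise model: zero-mean uniform in [-50, 50]

def perturb(value, rng, width=NOISE_WIDTH):
    """Return the value with fresh zero-mean uniform noise added."""
    return value + rng.uniform(-width, width)

def aggregate_error(records, rng):
    """Error of the aggregate mean when every record is perturbed once."""
    noisy = [perturb(v, rng) for v in records]
    return abs(statistics.fmean(noisy) - statistics.fmean(records))

def repeat_error(value, submissions, rng):
    """Error in recovering ONE value from repeated, freshly perturbed reports."""
    reports = [perturb(value, rng) for _ in range(submissions)]
    return abs(statistics.fmean(reports) - value)

def repeat_error_fixed_noise(value, submissions, rng):
    """Contrast case: the item's noise is drawn once and reused every time."""
    noise = rng.uniform(-NOISE_WIDTH, NOISE_WIDTH)
    reports = [value + noise for _ in range(submissions)]
    return abs(statistics.fmean(reports) - value)

def expected_std_error(submissions, width=NOISE_WIDTH):
    """Standard error of the mean of n uniform[-w, w] draws: w / sqrt(3n)."""
    return width / (3 * submissions) ** 0.5

if __name__ == "__main__":
    rng = random.Random(2004)  # fixed seed so the run is repeatable
    records = [rng.uniform(0, 1000) for _ in range(10_000)]  # constructed data
    print("aggregate mean error:", round(aggregate_error(records, rng), 3))
    secret = 437.0  # constructed value standing in for one sensitive field
    for n in (1, 10, 100, 1000, 10_000):
        print(f"n={n:>6}  fresh-noise error={repeat_error(secret, n, rng):8.3f}"
              f"  expected ~{expected_std_error(n):7.3f}"
              f"  fixed-noise error={repeat_error_fixed_noise(secret, n, rng):8.3f}")
```

The same averaging that lets the aggregate compensate for the randomization also shrinks the uncertainty about a single repeated item as 1/sqrt(n); when the noise for an item does not change between submissions, repetition reveals nothing further.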



Vitaly Shmatikov 2004-05-18