Canadian Underwriter
News

Over 49 million records of Californians’ personal information at risk in last four years: Attorney General


February 17, 2016   by Canadian Underwriter


Print this page Share

The personal information records of more than 49 million Californians have been at risk over the past four years, according to a new report released by the state’s Attorney General.

On Wednesday, Kamala D. Harris released the comprehensive report detailing the nature of data breaches reported to her office over the past four years. The report https://oag.ca.gov/breachreport2016 found that between 2012 and 2015, there were 657 data breaches, compromising over 49 million records. Social security numbers (49.6%), payment card data (39%) and medical information (19%) were the top three types of data breached. [click image below to enlarge]

Malware and hacking accounted for 54% of breaches

The report noted that last year, 178 breaches placed 24 million records at risk. “This means that as many as three in five Californians may have been victims of a data breach in 2015 alone,” the Office of the Attorney General said in a press release.

According to the report, the retail sector was the most vulnerable industry, accounting for 24% of breaches and 42% of records breached in the past four years.

The financial sector accounts for the second largest share of breaches at 18%, and 26% of records breached. Social Security numbers are the most common data breached in this sector, the release said, adding that the financial sector showed the greatest susceptibility to breaches caused by insiders (employees, services providers), both through unintentional errors and intentional misuse of privileges.

The healthcare industry accounts for 16% of breaches, and continues to be particularly vulnerable to physical breaches, while small businesses represent 15% of all reported breaches. [click image below to enlarge]

The financial services sector accounted for the second largest share of breaches at 18%

Other findings of the report include:

• Malware and hacking presents the greatest threat, both in the number of breaches (365, 54%) and the number of records breached (44.6 million, 90%). This is a growing problem compared to other types of breach, increasing by 22% in the past four years;

• The relative share of physical breaches – resulting from theft or loss of unencrypted data on electronic devices – declined from 27% of all breaches in 2012 to 17% in 2015. The healthcare sector had the greatest problem with breaches of this type (more than half of its breaches) and small businesses were more than 50% more likely to report a physical breach than larger businesses;

• Breaches caused by errors, predominantly misdelivery (of email, for example) and inadvertent exposure on the public Internet, were a close third, and have held steady at around 17%. Half of government breaches were of this type.

The report is accompanied by recommendations from the Attorney General for organizations, businesses and lawmakers on how to protect against data breaches. For example, the report recommends making multi-factor authentication available on consumer-facing online accounts that contain sensitive personal information.

“Government and the private sector have a shared responsibility to safeguard consumers from threats to their privacy, finances, and personal security,” said Harris in the release. “California is leading the nation with measures to prevent data breaches, but we can do better. This report clearly articulates basic steps that businesses and organizations must take to comply with the law, reduce data breaches, and better protect the public and our national security.”


Print this page Share

Have your say:

Your email address will not be published. Required fields are marked *

*