The Massachusetts Attorney General Martha Coakley reported last week on the count for data breaches in the state since the Massachusetts data-breach law went into effect January of 2010. Breaches in the period totaled 1,166, affecting 2.1 million residents in a period of 10 months.
Because Massachusetts is the first state to require mandatory reporting of this kind to a state’s attorney general’s office, the statistics offer a first of its kind map of data breaches occurring across any US state. The stats hint at huge data breach numbers occurring nationwide even as the US Senate Judiciary Committee OK’d legislation last week to preempt state data breach legislation, including those of states like Massachusetts and California with strong reporting requirements.
According to the Boston Globe in their coverage last Wednesday:
Of the reported incidents, 25 percent involved deliberate hacking of computer systems containing sensitive data. Another 23 percent involved accidental sharing of information with unauthorized people, such as sending faxes or e-mails with personal information to the wrong recipient. In 15 percent of cases, retailers reported the theft of customer credit card numbers. Data was also lost through thefts or accidental losses of laptop computers and paper documents, or in cases in which workers deliberately gained unauthorized access to client files.