NEW: MA Government Third Worst Offender on Data Breach Report
Monday, April 23, 2012
A security breach is the unauthorized acquisition or use of data, whether encrypted or not, that compromises the security, confidentiality, or integrity of personal information, and creates a substantial risk or identity theft or fraud against a resident of the commonwealth.
Personal information includes a person’s name in combination with any one or more of the following data elements: Social Security number; driver’s license number, financial account number, and credit or debit card numbers.
The report, which was issued today, states that the OCA has received 1833 notifications of security breaches, and that 3,166,031 people were at risk Since October 31, 2007, any entity that had personal information of a Massachusetts resident lost or stolen has been required to notify the Office of Consumer
“Our analysis found that our businesses, institutions and others need to do a better job protecting the information of individuals,” said Barbara Anthony, Undersecretary of Consumer Affairs and Business Regulation. “Encrypting data remains the key to protecting our personal and financial information. The best way to prevent identity theft and other serious issues is to keep information protected, safe and secure.”
Portable Devices Add Exposure
Portable devices, which are required to be encrypted, typically have not been, with only 13 encrypted devices of the 365 reported lost or stolen. Lost devices accounted for exposure to more than 409,000 residents.
“Over the last four years, about half of Massachusetts residents have had their information exposed to loss or theft, we have found that information on laptops, thumb drives, storage discs and tapes, and other electronic platforms are most vulnerable,” Anthony said. “An important additional layer of security for these items is encryption, which in many cases has been lacking.”
Financial Services and Health Care Industries Hit Hardest
With 955 breaches, the financial services industry has reported nearly half of all breaches, but only one-third of the total number of affected people. Another one-third of the affected individuals had their data breached by the health care industry, including an 800,000-person exposure at South Shore Hospital in 2010. The state government has reported 87 breaches since 2007, affecting more than 267,000 residents, with 18 breaches in 2011 alone.
The full report is available here.
Related Articles
- Paul Levy: Bringing Medicine into the Age of Computers, Finally
- Identity Theft Dangers in Massachusetts
- NE Tech Seeks Computer-Savvy Teens for Competition
- Dear John: Never Leave Your Computer Unattended
Follow us on Pinterest Google + Facebook Twitter See It Read It