New York Attorney General says data breaches skyrocketed in 2016
ALBANY, NY (WRGB)-- Attorney General Eric Schneiderman today announced that his office received a record number of data breach notices in 2016.
The close to 1,300 reported data breaches in 2016 represented a 60 percent increase over the previous year; these breaches exposed the personal records of 1.6 million New Yorkers in 2016, representing a threefold increase over the prior year. Analysis conducted by the Attorney General's office revealed that the exposed information consisted overwhelmingly of social security numbers and financial account information and surmised that hacking and inadvertent disclosure were the two leading causes of data security breaches.
“In 2016, New Yorkers were the victims of one of the highest data exposure rates in our state’s history,” said Attorney General Schneiderman. “The total annual number of reported security breaches increased by 60% and the number of exposed personal records tripled. Hacking is increasingly prevalent – making it all the more important for companies and citizens alike to take precaution when sharing and storing personal data. It’s on all of us to guard against those who try to use our personal information for harm – as these breaches too often jeopardize the financial health of New Yorkers and cost the public and private sectors billions of dollars.”
Dr. Sanjay Goel, Director of UAlbany’s Cyber Security Center, says hackers are increasingly targeting health care records. “It used to be credit card information was the most important to steal, but now healthcare fraud is large. The value of healthcare information is much higher than credit card information in the underground market because they can do all kinds of healthcare fraud and make false claims,” Dr. Goel said.
The Attorney General’s Office suggests that consumers guard against threats in the following ways:
• Create Strong Passwords for Online Accounts and Update Them Frequently. Use different passwords for different accounts, especially for websites where you have disseminated sensitive information, such as credit card or Social Security numbers.
• Carefully Monitor Credit Card and Debit Card Statements Each Month. If you find any abnormal transactions, contact your bank or credit card agency immediately.
• Do Not Write Down or Store Passwords Electronically. If you do, be extremely careful of where you store passwords. Be aware that any passwords stored electronically (such as in a word processing document or cell phone’s notepad) can be easily stolen and provide fraudsters with one-stop shopping for all your sensitive information. If you hand-write passwords, do not store them in plain sight.
• Do Not Post Any Sensitive Information on Social Media. Information such as birthdays, addresses, and phone numbers can be used by fraudsters to authenticate account information. Practice data minimization techniques. Don’t overshare.
Always Be Aware of the Current Threat Landscape. Stay up to date on media reports of data security breaches and consumer advisories