In 2017, the number of data breaches exploded in New York state, with a 23% increase in number of reported breaches and the number of exposed individuals quadrupling over 2016, according to New York Attorney General Eric T. Schneiderman, who today released Information Exposes: 2017 Data Breaches in New York State.
In 2017, there were 1,583 data breaches, which exposed the personal records of 9.2 million New Yorkers, Schneiderman said.
The report noted that the exposed information was largely Social Security numbers (40%), followed by financial account information, such as credit card numbers, which accounted for about 33% of exposed records.
Hacking was the leading cause of the breaches, 44%, up from 40% in 2016, the report stated. Yet hacking accounted for 94% of total personal information exposed, largely due to the Equifax breach reported in September. Employee negligence, such as inadvertent exposure of records and insider wrongdoing, was the cause of about 25% of the breaches.
Schneiderman said he planned to introduce legislation that would require Facebook and other social media sites to notify his office and New York consumers when they learn that there has been a breach of personal records. He also urged the New York state legislature to pass legislation he proposed last fall that would close gaps in current data security laws and would cause companies to have legal responsibility to adopt “reasonable” administrative, technical and physical safeguards for sensitive data.