Since 2007 when Massachusetts enacted the Data Security Breach Law, near half the population of the state could have had their personal information put at risk. The recently released numbers show that from November of 2007 to September of 2011, over 1.2 million state residents have had their data compromised by lost or misplaced mobile devices or laptops, and over 200,000 from stolen devices.
The 2007 law requires that all security breaches must be reported to the state’s Office of Consumer Affairs and Business Regulation, the Attorney General, and to all those affected. Undersecretary Barbara Anthony.
In a review of the data from the last four years, Undersecretary Anthony says that many businesses and institutions that had a data breach had not taken the precaution to “encrypt” the data – by making the information secure with code. Undersecretary Anthony continues….
The largest percentage of security breaches were reported in retail, healthcare, and government. In all categories, 1,833 different breaches have affected 3,166,031 residents.
Jim Hendler, Director of the Information Technology and Web Science Program at the Rennselaer Polytechnic Institute in Troy, NY, says that once a way to get past security settings is found, whether it’s a stolen device or a hacked password, it’s easy for once breach to affect thousands.
Lisa Schifferle, Attorney for the Federal Trade Commission, says that on the national level, identity theft has been a highlighted area of concern.
The Massachusetts Office of Consumer Affairs and Business Regulation emphasized the need for all businesses, and organizations to encrypt data in coordination with the law, protect data with passwords, and keep all mobile devices and computers safe.