Attorney General Kamala D. Harris has addressed the Stanford Cyber Initiative to release a cyber breach report detailing the nature of data breaches reported to her office over the last four years. The report found between 2012 and 2015, there were 657 data breaches, which compromised over 49 million records of Californians’ personal information.
In 2015 178 breaches placed 24 million records of Californians at risk. This means that as many as 3 in 5 Californians may have been victims of a data breach in 2015.
“Government and the private sector have a shared responsibility to safeguard consumers from threats to their privacy, finances, and personal security,” said Attorney General Harris. “California is leading the nation with measures to prevent data breaches, but we can do better. This report clearly articulates basic steps that businesses and organizations must take to comply with the law, reduce data breaches, and better protect the public and our national security.”
As data threats evolve, California must remain at the forefront of identifying and implementing creative and effective ways to fend off attackers. In 2004, California passed its information security statute (AB 1950, Wiggins), which requires businesses that collect personal information to use “reasonable security practices and procedures.” In 2003, California became the first state to mandate data breach notification, requiring businesses and state agencies to inform consumers when a security breach compromises their personal information (AB 700, Simitian). As of 2012, any breach involving more than 500 Californians must be reported to the Attorney General’s Office (SB 24, Simitian).
Download in PDF!