- Pro-marijuana group claims responsibility for Brooklyn Bridge flag swap
- Young adults shun Obamacare mostly due to cost: survey
- Stabbing attack on transgender girl, 15, was ‘bias motivated,’ police say
- LGBT adults still lean overwhelmingly toward Democratic Party
- Lawmakers rattled by Syria genocide horrors, call on Obama to act
- African leader cancels trip to U.S. over Ebola outbreak; Obama still plans summit
- Sarah Palin’s online channel hits snag as Stephen Colbert buys similar URL
- SWAT spends seven hours in standoff with empty home
- U.S. troops told not to eat, drink in front of Muslims during Ramadan
- Iran’s Rouhani: Israel, Islamic State are ‘tumors derived from the same origin’
22.8 million New Yorkers’ personal records exposed
Question of the Day
ALBANY, N.Y. — Nearly 23 million private records of New Yorkers have been exposed in data security breaches reported by more than 3,000 businesses, nonprofits and governments over the past eight years, New York's attorney general reported.
Deliberate hacking was responsible for 40 percent of the 5,000 incidents, which exposed a majority of the records, followed by lost or stolen equipment, insider wrongdoing and inadvertent errors, according to the report released on Tuesday.
"As we increasingly share our personal information with stores, restaurants, health care providers and other organizations, we should be able to enjoy the benefits of new technology without putting ourselves at risk," Attorney General Eric Schneiderman said. He urged collaboration between industry and security experts so businesses and organizations have the tools to secure data and address the growing, complex problem.
Since 2005, New York law has required breached institutions to advise the attorney general and the individuals when computerized private data consisting of names and account, social security or driver's license numbers were acquired by an unauthorized user. The report noted that it excludes thousands of data breaches involving sensitive information that don't fit under the law's reporting requirements.
The 7.3 million records exposed in 900 security breaches last year cost institutions an estimated $1.37 billion to investigate, rectify and help customers, the report said. They included the two largest so far, both involving retailers, when Target Corp. was hacked, exposing the personal information and credit card numbers of more than 70 million customers nationwide including 1.8 million New Yorkers, and LivingSocial's data was hacked, exposing 4.75 million records of New Yorkers.
Target said it subsequently imposed several security measures with enhanced monitoring, limiting vendor access, streamlining firewalls and resetting passwords.
LivingSocial spokesman Kevin Nolan said none of their customers' credit card data was ever compromised, that the exposed data in 2013 was limited to usernames and encrypted passwords that were useless outside of its system.
While black market sales of private data were cited as the primary motivation for hacking, the report didn't identify New York consumer losses. It cited studies by the Javelin Strategy and Research Group and LexisNexis estimating one-fourth of records lost in data security breaches end up used for fraudulent purposes, often identity theft, which accounted for $24.7 billion direct and indirect losses in the U.S. in 2012, exceeding all other property crimes combined.
For businesses, nonprofits and governments, the report advises identifying the data they require and how it's secured, collecting no unnecessary data and setting expiration dates on collected information, and establishing a security plan with encryption. For consumers, it advises creating strong and different passwords for various accounts, not storing them electronically, carefully monitoring credit and debit card statements, and not posting sensitive information on social media.
TWT Video Picks
By Ted Cruz
Israel saves its enemies; Hamas endangers its friends
- Chicken pox outbreak puts illegal immigrant facility on lockdown
- Al Gore's climate-changers at EPA hearings foiled by cool temperatures
- CIA admits improperly hacking Senate computers in search of Bush-era information
- GOP report sees ties between rich donors, green 'nonprofits'
- CRUZ: A tale of two hospitals: One in Israel, one in Gaza
- Israel surprised by Hamas tunnel network
- NAPOLITANO: Is the president incompetent or lawless?
- Lois Lerner hated conservatives, new emails show
- Geraldo Rivera: Matt Drudge 'doing his best to stir up a civil war'
- House votes to sue President Obama over claims of presidential power
Obama's biggest White House 'fails'
Celebrities turned politicians
Athletes turned actors
20 gadgets that changed the world