Share

Top 5 Stories

News

3.2 million Massachusetts residents had personal information lost or stolen

24 April 2012

A disturbing 3.2 million Massachusetts residents have had their personal information lost or stolen over the past four years, according to a new report by the state’s Office of Consumer Affairs and Business Regulation.

The report found that the financial services industry had the largest number of data breaches over the last four years, with 955 incidents exposing data on over 900,000 state residents. Overall, there were 1,833 data breaches over the four year period covered by the report.

The healthcare industry exposed information on 984,000 residents as a result of 214 breaches, including one breach at South Shore Hospital in which information on 800,000 patients was lost.

The vast majority of data breaches involved the loss of electronic information. Of the reported breaches, 1,336 were for electronic breaches, affecting 3,079,677 people - 97% of all the people affected by a reported data breach.

Of the 365 portable devices reported lost or stolen over the last four years, only 13 were encrypted, despite state regulations requiring portable electronic devices to be encrypted. Of the 75 lost or misplaced portable devices reported, only one was encrypted, compromising 1.2 million pieces of information. Of the 290 stolen portable devices stolen, 12 were encrypted, protecting 4,110 pieces of information. The 277 unencrypted devices exposed 220,000 pieces of information.

“It’s taking businesses and institutions longer than we’d hope to encrypt these devices. That would certainly cut back enormously on the number of breaches where consumers data is more vulnerable. Businesses, institutions, and others need to do a better job protecting the information of individuals. There is still a lot of work to be done’’, Barbara Anthony, the state’s consumer affairs and business regulation undersecretary, was quoted by the Boston Globe as saying.

Just last year, businesses and organizations in Massachusetts reported 454 breaches that affected over a million residents, compared with 471 incidents in 2008 that put at risk data from about 717,053 consumers, the first full year that institutions were required to notify the state, the newspaper noted.
 

This article is featured in:
Data Loss  •  Internet and Network Security  •  Public Sector

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×