A new report from New York State’s Attorney General details the damage to the state’s citizens and organizations from reported data breaches over the last eight years. “Information Exposed: Historical Examination of Data Breaches in New York State” attempts to illustrate the exponential growth in breaches, reports of breaches and some of the related costs, and then gives recommendations on how individuals and companies can better protect themselves.
Looking at the financial damages collectively to the state, as opposed to the usual point of view of the individuals or companies affected, the AG’s office says that in 2013 alone, data breaches cost organizations doing business in New York State over $1.37 billion.
What isn’t reported by the AG: All the breaches that weren’t reported to the AG because the companies weren’t required to do so according to New York State law, as well as total consumer losses from these breaches.
The report’s recommendations on data protection practices for organizations and individuals are accompanied by the text of the New York State Information Security Breach and Notification Act and definitions of some of the key terms within that document (the difference between personal information and personal records, for instance), which it appears must now, unfortunately, become required reading.
Kachina Shaw is managing editor for IT Business Edge and has been writing and editing about IT and the business for 15 years. She writes about IT careers, management, technology trends and managing risk. Follow Kachina on Twitter @Kachina and on Google+