BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

3.2m in Mass. have had data lost, stolen

From: security curmudgeon <jericho () attrition org>
Date: Fri, 4 May 2012 15:21:29 -0500 (CDT)

http://articles.boston.com/2012-04-24/business/31393508_1_data-breaches-card-numbers-personal-data

3.2m in Mass. have had data lost, stolen
April 24, 2012|Jenn Abelson, Globe Staff

Nearly half of Massachusetts residents have had their personal information 
lost or stolen as a result of about 1,800 data breaches over the past four 
years, according to a new report from the state.s Office of Consumer 
Affairs and Business Regulation.

Banks, hospitals, and retailers exposed the personal data, such as Social 
Security and credit card numbers, of roughly 3.2 million consumers in 
Massachusetts. Most of the incidents reported to the state involved 
electronic information that was vulnerable because it was not properly 
encrypted. The data breaches, which included a combination of criminal 
acts and poor data management, could have put consumers at risk of 
identity theft or incurring fraudulent charges on credit and debit cards.

The report, the first of its kind in Massachusetts, found the financial 
services industry reported the greatest number of breaches over the last 
four years, with 955 incidents that exposed the data of 901,156 people. 
The vast majority of these breaches, however, involved credit card 
transactions that occurred at retail establishments. The financial 
services institutions then reported the incidents to state officials. The 
health care industry, meanwhile, had 214 breaches, but they exposed more 
people - about 983,746. That included the loss of more than 800,000 
patient records at South Shore Hospital in Weymouth in 2010.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.
Previous By Date Next
Previous By Thread Next

Current thread: