By Nathan White
According to the recently released North Carolina Attorney General Security Breach Report, nearly 5,337,154 North Carolinians were impacted by security breaches in 2017. The Report highlights several trends data protection specialists and North Carolina businesses should take into consideration.
The report breaks down 1,022 data breaches occurring in North Carolina during calendar year 2017. For the first time since reporting was required in 2005, hacking constituted a slight majority of the reported breaches at 50.49%. This reflects a continuing trend of annual increases in the overall number of hacking attempts.
Another noteworthy trend is the slight increase in phishing attempts year over year. Since 2016, phishing attempts have constituted at or near 25% of the reported security breaches in North Carolina after constituting below three percent of reported breaches during years 2006-2015. While these trends are troubling, the increase in reported cases may be the result of increased awareness of hacking and phishing attempts and subsequent reporting.
A positive trend is the continuing decline in the overall numbers of accidental release and display breaches. This suggests increased efforts in the safe handling of sensitive data.
This Report clearly puts every North Carolina business and data manager on notice as to the increasing threats and increasing need to ensure personal data is handled, processed, and managed by trained professionals.
About Data Points: Privacy & Data Security Blog
The technology and regulatory landscape is rapidly changing, thus impacting the manner in which companies across all industries operate, specifically in the ways they collect, use and secure confidential data. We provide transparent and cutting-edge insight on critical issues and dynamics. Our team informs business decision-makers about the information they must protect, and what to do if/when security is breached.
Data Points: Privacy & Data Security Blog Updates
- The Consumer Financial Protection Bureau Stakes Out Its Enforcement Authority Over Unfair Information Security Practices
- Maryland Amendments to Data Security and Breach Notification Law
- The Devil Really is in the Details: The SEC Proposed Rule on Cybersecurity Risk Management for Investment Advisors, Registered Investment Companies and BDCs
- Will the U.S. Finally Pass Comprehensive Data Privacy Legislation?