Data Breaches Affect 1 in 6 Massachusetts Residents

1 in 6 Massachusetts residents have had their credit card numbers, medical records, or other personal information leaked or stolen over the past two years, according to records provided to the Boston Globe.  That is at least 1 million people living in Massachusetts who have had their personal information breached.

This included data on customers of Blue Cross Blue Shield of Massachusetts, Eastern Bank, JPMorgan Chase Bank, and other major institutions.

Under a state law passed in 2007, all such institutions must inform consumers and state regulators about security breaches that might result in identity theft. Such leaks involve the release of a person’s name along with sensitive information such as Social Security numbers, driver’s license numbers, or bank account, credit card, and debit card numbers.  However this does little to prevent identity theft.

In 60 percent of the cases, the breaches were due to criminal acts and forty percent were negligence.

As of November, the state had received 807 data breach notifications from a variety of institutions that collect personal information, from companies to banks and colleges.

On March 1, new state regulations will require organizations to take stronger measures to ensure data security. Institutions that hold such personal data will have to write an official security program and train employees to follow it. In addition, organizations will have to encrypt all personal data stored on laptops, flash drives, or other portable devices, or that is transmitted over the public Internet or wireless networks.