Learn more about Member Benefits
This week, California Attorney General Kamala Harris
released a report
analyzing the data breaches reported in California from 2012 to 2015.
California was the first state to enact a data breach notification law, which
took effect in 2003. Since then, 46 other states, have enacted similar laws.
Alabama, New Mexico and South Dakota are the only states without a data breach
According to the California Data Breach Report 2015, nearly
50 million records of Californians have been breached during the referenced
time period and the majority of those breaches resulted from security failures.
The report found that breaches occurred in all parts of the economy, including
retailers, financial institutions, healthcare providers and government
agencies. In response to a number of breaches in 2013, the 2014 version of the
report encouraged the prompt adoption of EMV technology. The current report
points out that card issuing financial institutions have upgraded their cards,
with 98 percent of total payment cards in the U.S. now bearing chips and notes
that, “Retailers have more work to do in upgrading their terminals to accept
cards bearing chips.” The report further provides that data breaches can be
expected, “Until all retail terminals are chip-enabled and the magnetic stripe
can be eliminated from cards.”
The report also finds that the retail industry has seen the
largest share of breaches throughout the four-year period, averaging 25% of all California breaches, while the finance sector, which includes insurance,
represented only 18% of the breaches. The Anthem
breach in 2015 inflated the finance sector’s percentage; without that
breach, the finance sector’s share would drop to 6%.
In analyzing the data found from financial institution
breaches, there were fewer instances of hacking and malware – the dominant type
of breach – compared to all other sectors. Breaches resulting from errors by
insiders, however, were more than twice as common as in other sectors (31 percent
versus 14 percent). The financial sector also experienced nearly three times as
many breaches caused by insiders abusing their access privileges: 14 percent
compared to five percent in all others. The type of data most commonly involved
was social security numbers.
Among the recommendations in the report is a request that
states collaborate on the key provisions of data breach laws to maintain
consumer protection and ease the compliance burdens on organizations.
Champion for the Credit Union Movement
Credit Union National Association is the most influential financial services trade association and the only national association that advocates on behalf of all of America's credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.
© 2018 Credit Union National Association
ADA Compliance Notice & Legal
© 2017 Credit Union National Association |
ADA Compliance Notice & Legal