5 million MA residents have had their personal data stolen or breached.

Reports of computer data breaches in Massachusetts are as common as ants at a picnic. Nearly every day a company notifies the state that it lost sensitive personal data, often through a mishap by an employee or, worse, a malicious attack by a hacker.

“We get about 50 a month,” said Barbara Anthony, head of the state’s Office of Consumer Affairs and Business Regulation. “Our reporting law is very stringent. Even if it’s one credit card that’s been lost, the company has to report it to us.”

Minor mistakes aside, consumer watchdogs and computer security experts have been adding up a frightening number of data breaches that are on the scale of the massive hack of Massachusetts retailer TJX that spurred the passage of the state’s identity-theft prevention law in October 2007.

We are seeing a phenomenon of huge increases in data breaches. The bad guys, the criminals, are getting more and more sophisticated,” Anthony said.

Massachusetts has received about 2,200 notification letters from companies reporting lost or stolen personal data in the nearly four years since the law was passed — affecting a whopping 5 million Bay State residents, with some amount of overlap in the identities, according to Anthony’s agency. The companies also must notify affected consumers.

Experts say the United States is on track for a record-setting year for data breaches after a string of high-profile hacks of Sony, EMC unit RSA Security and Lockheed Martin. The Privacy Rights Clearinghouse counted 283 breaches made public nationwide as of late last week, or about halfway through the year. The nonprofit group counted 597 breaches in 2010.


Link:
http://www.bostonherald.com/business/technology/general/view/2011_0703mass_data_breaches_strike_5_million/srvc=business&position=also