Huge data breaches at Target
and other retailers helped fuel a 600 percent increase in the number of
California residents’ records compromised in cyber attacks last year,
according to a study released Tuesday.
The
California Data Breach Report from state Attorney General Kamala Harris
said 18.5 million Californians were involved in data breaches in 2013 –
up from 2.5 million in 2012. The state’s population is about 38
million.
The numbers were
skewed upward by the massive 41 million payment card breach at Target –
which affected 7.5 million Californians. A separate 50 million record
breach at LivingSocial, an e-commerce firm based in Washington, D.C.,
also contributed to the skyrocketing percentage increase.
Factoring
out Target and LivingSocial, the number of compromised records of
Californians last year increased 35 percent to 3.5 million.
“Data
breaches pose a serious threat to the privacy, finances and personal
security of California consumers,” Harris said in a statement. “The
fight against these kind of cyber crimes requires the use of innovative
strategies by government and the private sector to protect our state’s
consumers and businesses.”
Cyber
attacks have made more headlines recently because of the sheer amount
of records stolen – particularly from brand-name retailers. Target’s
revelation that cyber criminals lifted data off its payment card
machines at check out was followed by news that Home Depot suffered a
similar attack.
Retail
breaches accounted for 84 percent – or 15.4 million – of total records
breached in California last year, according to the report. They were
followed by financial institutions and health care providers.
Financial
losses suffered by Californians from these breaches are unclear. The
Attorney General’s report didn’t pinpoint exact figures. But it did cite
a national study by Javelin Strategy & Research that estimated that
36 percent of data breach victims suffered payment card fraud.
Paul
Stephens, director of policy at San Diego’s Privacy Rights
Clearinghouse, said it’s hard to establish a direct link between a data
breach and fraud. But he noted that some data breaches are more risky
than others.
“For
consumers, any breach that involves a Social Security number should be
of the upmost concern because of the ability (for criminals) to commit
new account fraud — that is, open new accounts” in the consumer’s name,
said Stephens. “For the most part, a payment card breach is not as
concerning – though I’m not meaning to discount it.”
Credit
card companies use analytics software that probes transactions to
quickly spot unusual purchasing activity – a red flag for fraud. Even if
that software misses a bogus purchase, the transaction will show up on
the consumer’s monthly bill. It can be disputed and there is no
obligation to pay.
On the
other hand, new account fraud – or identity theft — can go undetected
for months or even years, said Stephens, destroying a consumer’s credit
rating and taking a long time to unravel.
Stephens
added that debit cards are much more risky than credit cards. “When you
use a credit card, you will find out on your statement” if there is
fraud, he said. “With debit cards, the funds are almost immediately
taken out of your bank account without your knowledge, and that is not
undone easily.”
Source:
utsandiego.com
No comments:
Post a Comment