California state law explains that if a company or state agency is subjected to a data breach, it must inform every individual who could possibly be affected and send a description of the breach to the attorney general, according to the office of the attorney general.
On Monday, a statement from Attorney General Kamala Harris provided additional details on these data breaches. The first state-wide report on data breaches explained that in 2012 alone, 131 incidents affected information of 2.5 million California residents. One of the largest breaches occurred at the California Department of Social Services, releasing the information of 845,000 parents, children and caregivers in March 2012, according to Network World.
This state report does not include the breaches that happened at the Sutter Health hospital network because these incidents happened in 2013 and 2011. Since this report was released, there have been 74 data breaches in 2013, according to the Sacramento Business Journal.
"Data breaches are a serious threat to individuals' privacy, finances and even personal security," Harris said in a statement released with the report. "Companies and government agencies must do more to protect people by protecting data."
Harris added that with better security measures, 1.4 million residents would not have had their information compromised, cutting the amount of affected citizens in half. Because of this common trend, Harris "will make it an enforcement priority to investigate breaches involving unencrypted personal information."
Protecting sensitive material in advance will lessen the opportunities for individuals to have unauthorized access. The report detailed that 55 percent of breaches were done on purpose by unauthorized personnel and 10 percent of breaches were done under the cooperation of insiders.
Regardless of where a company is located, they should consider reaching out to business continuity consultants who specialize in disaster recovery planning to prevent future data breaches.