A report issued by the California Attorney General finds that three in five Californians were subject to a data breach in 2015.
The largest breaches (impacting 1 million or more records) resulted from malware or hacking. The second largest breaches resulted from theft or loss of devices holding unencrypted data. The third largest breaches resulted from errors, mainly wrong delivery of email and inadvertent exposure to online personal information.
The report urges limitations on the amount of personal information collected and retained. It also urges California employers to use reasonable security procedures and practices to protect personal information from unauthorized access, destruction, use, modification or disclosure. Recommendations include using multi-factor authentication when possible and strong encryption processes.
