Breaches Exposed 22.8 Million Personal Records of New Yorkers

An anonymous reader writes Attorney General Eric T. Schneiderman issued a new report examining the growing number, complexity, and costs of data breaches in the New York State. The report reveals that the number of reported data security breaches in New York more than tripled between 2006 and 2013. In that same period, 22.8 million personal records of New Yorkers have been exposed in nearly 5,000 data breaches, which have cost the public and private sectors in New York upward of $1.37 billion in 2013. The demand on secondary markets for stolen information remains robust. Freshly acquired stolen credit card numbers can fetch up to $45 per record, while other types of personal information, such as Social Security numbers and online account information, can command even higher prices.

Data is Unsecurable

[ObsessiveMathsFreak]

Perhaps it's time for companies to realise that they cannot keep data secure. That they will never be able to build, much less be willing to pay for, the security required to keep this information under any kind of seal.

Perhaps it's time for companies to ask themselves: "Do we really need to store this?".

Re:Data is Unsecurable

[Jason+Levine]

This was one big reason why, when New York said they were going to upload students' data into the Bill Gates Foundation's InBloom system, I was opposed. The data (including some very personal info like medical diagnoses) would have been upload to an Amazon cloud drive. As if "cloud drives" are never hackable.

(The other reason I was opposed was that lawmakers specifically made an exception to the data sharing laws so that data could be uploaded to InBloom whether or not parents wanted it uploaded. Not only was it not opt-in, but you couldn't even opt-out.)

Thankfully, New York backed off this plan. If they wanted to standardize the systems across the school districts, I might not have a problem with it (depending on the system), but uploading tons of personal information and trying to hand-wave security concerns away by saying "the cloud" doesn't sit will with me.

Re:Data is Unsecurable

[Charliemopps]

Perhaps it's time for companies to realise that they cannot keep data secure. That they will never be able to build, much less be willing to pay for, the security required to keep this information under any kind of seal.

Perhaps it's time for companies to ask themselves: "Do we really need to store this?".

It's beyond that... as you said, data is unsecurable even if they don't store it. So why is it possible for someone from eastern Europe that doesn't even speak English to charge something in my name and have it shipped overseas with nothing more than the info on my Visa card?

This is entirely the fault of Visa/Mastercard and other credit agencies. They should be eating the costs of this fraud wholesale. They could end it tomorrow but in the name of getting us as far in debt to them as possible, they've thrown out pretty much every security measure you can think of and now they've found a way to get your credit card to wirelessly broadcast your number to anyone that happens to be walking by. If someone charges something fraudulently to your card, the CC company should have to pay an inconvience fee to the store and the customer. If your credit gets ruined by someone, Equifax and the others should have to pay a fine to you. This would get cleared up overnight if that happened.

Re:In ... the New Your State?

[SJHillman]

It stopped being our state a long time ago.

Re:In ... the New Your State?

[Jason+Levine]

This is also the state where the Commissioner of Education, John King, had a talk about New York's implementation of Common Core. The talk was overrun with parents who had issues with the implementation specifically (and some with Common Core in general). There were a lot of questions they wanted to ask and a lot of answers they wanted to get. Instead, King cut the meeting short, cancelled the rest of his tour, and said that "special interest groups" were to blame. (Parents are apparently now a special interest group.) He finally caved to pressure and re-opened his tour but made sure that each venue was structured so he wouldn't need to be confronted by opponents in that manner anymore.

New York: Where the politicians serve their constituents - themselves - and the public can go wait in the corner until they're needed to pay more taxes.