Internet Explorer 11 is not supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

California Had the Most Data Breaches in the Last Five Years

A report from Forbes Advisor found that between 2017 and 2021, 325,291 residents across the state were victims of data breaches, which amounted to more than $3.7 billion in losses. Compromised email was the costliest breach type.

(TNS) — A new report from Forbes Advisor shows California led the nation in data breaches between 2017-2021, with 325,291 victims losing more than $3.7 billion.

Forbes used FBI data from the federal agency's Internet Crime Complaint Center to determine how many Americans were impacted during the five-year period, which type of breach was the most common and which resulted in the highest financial loss.

The most expensive breach for Golden State residents came from compromised email accounts, which cost 14,925 victims more than $1.18 billion. That was followed by 12,205 victims duped by online romance schemes at a cost of $516.2 million.

Other ripoffs came in the form of investment scams (5,270 victims lost nearly $440 million), real estate fraud (11,365 victims lost $176.4 million) and personal data theft (31,742 victims lost $163.4 million).

Texas weathered the second-biggest financial loss in the Forbes report with 179,217 people impacted by data breaches at a total cost of more than $1.8 billion. New York was next (141,170 victims lost $1.77 billion), followed by Florida (198,830 victims lost $1.72 billion) and Ohio (64,926 victims lost $776.8 million) to round out the top five.

A Long List


When California businesses suffer data breaches, that information, along with notification letters that were sent out if the breach impacted more than 500 people, must be submitted to the state Attorney General's Office.

The list of California companies that have had data stolen this year and in 2021 is long and includes Blue Shield of Southern California; Kaiser Foundation Health Plan, Southern California; Lending Tree; Ernest Packaging Solutions; and Professional Finance Co., among scores of others.

Kaiser is among the companies that notified the Attorney General's Office of a breach.

In a letter sent to Kaiser members on July 15, 2022, the healthcare provider said on May 20 it discovered someone had broken into a storage locker at its Los Angeles Medical Center and stolen an iPad along with the password to the tablet. The iPad had been used at a Kaiser COVID-19 testing site by employees and contained photos of COVID-19 lab specimen labels but no photos of patients.

Alina Harris, Kaiser's privacy and security officer, said the company had no specific evidence that patient information was accessed and/or viewed by the thief.

"As a result, we are notifying you of this matter out of an abundance of caution," Harris said in the letter.

Kaiser said it initiated an investigation into the theft, notified law enforcement and remotely erased all data from the iPad, including the photos.

In a statement issued Monday, the healthcare company said no Social Security numbers or financial information were included in the data on the iPad.

LendingTree told customers it discovered a code vulnerability on June 3, 2022, that likely resulted in the "unauthorized disclosure of some sensitive personal information." The company suspects the breach — which included access to names, Social Security numbers, birth dates and street addresses — began in mid-February.

"The vulnerability in the code no longer exists, and we are working to implement additional security measures to protect consumers who visit our online interfaces," Lending Tree CEO Arun Sankaran said in his letter to customers.

$20.1 Billion Lost


On a broader scale, Forbes said that from 2017-2021 more than 2.3 million data breaches occurred throughout the U.S., Guam, U.S. Virgin Islands and Northern Mariana Islands, generating a total financial loss of $20.1 billion.

In a statement issued last year, California Attorney General Rob Bonta urged hospitals and other healthcare facilities to ensure safeguards are in place to deter data breaches.

"I implore all entities that house confidential health-related information to be vigilant and take steps now to protect patient data before a potential cyberattack," he said.


(c)2022 The Whittier Daily News, Calif. Distributed by Tribune Content Agency, LLC.