New York succumbed to 900 data breaches in 2013, losing more than $1 billion in the process.
This was according to a report released by the New York Attorney General's office which recorded data breaches within the state between 2006 and 2013. The report also notes that incidents of data breaching have more than tripled within the period covered by the study, translating to nearly 5,000 attacks which exposed 22.8 million personal records.
"What's truly shocking about this report, beyond the fact that hacking is now the greatest threat to our personal information and costs us billions of dollars, is that many of these breaches could have been prevented. If millions of New Yorkers were exposed, one can only imagine how many have been compromised across the nation," New York Attorney General Eric T. Schneiderman said in a statement.
The numbers for the data breaches were mainly driven by high-profile attacks on Target and LivingSocial. Target reported that payment data involving 40 million customers had been accessed by hackers, while daily coupon website LivingSocial confirms that over 50 million of its customers were affected by cyberattacks.
While retail companies are the most obvious targets for cyberattacks, businesses of all sizes are affected, according to the report. These include those in the health services and financial industries.
For the 2013 attacks alone, the state's private and public sectors already lost over $1.37 billion. This figure is computed by the report assuming that each individual affected by a data breach costs the affected company $188, a number reported in turn in another study by the Ponemon Institute and Symantec.
Since 2005, the State of New York has enacted a law that requires institutions to report data breaches to the attorney general and to inform affected individuals when computerized data involving names, account numbers, and other sensitive information have been accessed without permission. Given the already staggering numbers, the report, however, also mentions that it still hasn't accounted for thousands of other cases where a data breach occurred but don't perfectly fit the reporting requirements of the law.
The report aptly comes at a time when cyberattacks have been steadily on the rise. Some of the more notable cases in recent years include the attack on Sony's PlayStation Network in 2011 which targeted millions of customers, and the infiltration on U.S. government systems by Chinese hackers in March of this year to acquire information on federal officials and employees.