Washington Sets Record for Data Breaches, Ransomware Attacks, Says AG Ferguson


So far in 2021, 6.3 million data breach notifications have been sent to Washingtonians – by far the most since Attorney General Bob Ferguson’s office began tracking this.

The number of data breaches reported to the Ferguson office also skyrocketed to 280, surpassing the previous record of 78 and last year’s total of 60, according to the report.

The previous record of notices of violation was set in 2018, with 3.5 million notices sent, according to the report.

The report also identifies a huge spike in cyber attacks and a growing threat of ransomware incidents, a type of cyber attack that uses malicious code to hold data hostage in the hope of receiving ransom. More than 150 ransomware incidents were recorded in 2021, more than the previous five years combined, according to the report.

What to do

If you are the victim of a data breach or identity theft:

While there is no foolproof way to keep your information safe, there are steps you can take to protect yourself against identity theft.

Call companies where fraud may have occurred.

Work with one of the credit bureaus (Experian, TransUnion, and Equifax) to check your credit report for suspicious activity and to place a fraud alert or credit freeze on your credit report.

Report identity theft to the FTC at IdentityTheft.gov.

File a report with your local police department.

Send a copy of the police report to the three major credit bureaus.

Ask companies to provide you with information about transactions made on your behalf. A template letter that you can fill out and send to businesses requesting records is available on the Attorney General’s office website at: https://www.atg.wa.gov/db-letter

If you receive a breach notification or believe you may be a victim of identity theft, please visit the Washington Attorney General’s website at http://www.atg.wa.gov/GUARDIT. ASPX for help.

“We are publishing this report because Washingtonians are better able to protect their data when they are aware of threats – and threats have never been greater,” Ferguson said.

The attorney general’s office said it was not receiving any funding to publish the report, but was doing so as a public service to provide Washingtonians with critical information to help protect their data.

The report includes recommendations for policymakers, including expanding the definition of personal information to include individual tax identification numbers as well as the last four digits of a social security number.

According to the report, the COVID-19 pandemic has exacerbated the threat as Washingtonians increasingly rely on digital and online services that collect user data to do business, go to school, find entertainment and communicate with their friends and family.

This increase in online activity may create more opportunities for cybercriminals to steal personal information, and it underscores the importance of Washington’s data breach notification laws.

Ferguson’s office said its long-standing efforts to compel companies to report data breaches and hold them accountable led to a 2019 investigation into a data breach at Premera Blue Cross and resulted in payment by the $ 10 million business.

Also that year, his office announced that Equifax would pay more than half a billion dollars due to a 2017 data breach affecting nearly 150 million people nationwide.

Since 2014, Ferguson’s office has called on several companies with significant data breaches that impacted the privacy of Washingtonians Premera, Equifax, Uber and Target Corporationenter into legally enforceable agreements to improve the security of their data.

The public can access the Attorney General’s database of violations here.


Leave A Reply