Data breaches affect 2M in MA

Personal information from nearly one out of three Massachusetts residents, from names and addresses to medical histories, has been compromised through data theft or loss since the beginning of 2010, according to statistics released Tuesday by the office of Attorney General Martha Coakley. A state law enacted in 2007 requires all companies doing business in Massachusetts to inform consumers and state regulators about security breaches that might result in identity theft. That could include leaks of individual names along with other sensitive information, such as Social Security numbers or bank account, credit card, and debit card numbers. The law was passed in 2007 after hackers stole 45 million credit card numbers from Framingham-based retailer TJX Cos. Coakley said that her office is just beginning to analyze the reports to find out whether the law is helping to reduce data breaches. But she predicted the problem will get worse as more Americans store vital personal data on various computer networks. The attorney general's office has received 1,166 data breach notices since January 2010, including 480 between January and August of 2011. About 2.1 million residents were affected by the various incidents, though it's unknown whether any of them were actually defrauded as a result of the data leaks.