2016 saw record number of data breaches in NYS

Posted at 11:36 AM, Mar 21, 2017
and last updated 2017-03-21 11:36:26-04

Hacking in 2016 drove data breaches to a record high in New York State.

New York Attorney General Eric Schneiderman announced Tuesday data breaches were up 60%, exposing the information of 1.6 million New Yorkers.

The Attorney General's office saw close to 1,300 reported data breaches in 2016. Analysis of the breaches revealed the exposed information consisted mostly of social security numbers and financial account information.

"Hacking is increasingly prevalent – making it all the more important for companies and citizens alike to take precaution when sharing and storing personal data," said Attorney General Schneiderman. "It’s on all of us to guard against those who try to use our personal information for harm – as these breaches too often jeopardize the financial health of New Yorkers and cost the public and private sectors billions of dollars.”

The Attorney General’s Office suggests that consumers guard against threats in the following ways:


  • Create Strong Passwords for Online Accounts and Update Them Frequently. Use different passwords for different accounts, especially for websites where you have disseminated sensitive information, such as credit card or Social Security numbers.
  • Carefully Monitor Credit Card and Debit Card Statements Each Month.  If you find any abnormal transactions, contact your bank or credit card agency immediately.
  • Do Not Write Down or Store Passwords Electronically. If you do, be extremely careful of where you store passwords. Be aware that any passwords stored electronically (such as in a word processing document or cell phone’s notepad) can be easily stolen and provide fraudsters with one-stop shopping for all your sensitive information. If you hand-write passwords, do not store them in plain sight.
  • Do Not Post Any Sensitive Information on Social Media.  Information such as birthdays, addresses, and phone numbers can be used by fraudsters to authenticate account information. Practice data minimization techniques. Don’t overshare.
  • Always Be Aware of the Current Threat Landscape. Stay up to date on media reports of data security breaches and consumer advisories. 

The Attorney General’s Office recommends taking the following steps if you believe you have been victimized by a data security breach:


  • User Names and Passwords:  For user names and passwords, change them immediately on the relevant account and monitor the account for unusual activity. If you use the same user name or password on other accounts, change those as well. 
  • Credit Card Numbers:  For breaches involving credit card numbers, Social Security numbers and other sensitive numbers, create an Identity Theft Report by filing a complaint with the Federal Trade Commission and printing your Identity Theft Affidavit. You can call the Federal Trade Commission (FTC) at 1-877-438-4338 or complete the form online.