On Wednesday, May 4, 2016, New York State Attorney General Eric T. Schneiderman announced a 40 percent increase in reports of data breaches during 2016 as compared with the same time frame last year. As in a growing number of states and federal agencies, New York’s Information Security Breach & Notification Act, enacted in 2005, requires all individuals and organizations conducting business in New York to report any unauthorized access to personal information to affected individuals, law enforcement and other government officials.
According to the May 4 press release:
The office has received 459 data breach notices from the first of the year through May 2, 2016, as compared with 327 through the same time last year. In the year 2015 alone, the office received 809 data breach notices. The office is expecting to receive well over 1000 notices for the year, a new record.
With the increasing threat of cyberattacks, companies are reminded of the three keys to managing this risk: (1) prevention, both through advanced security and employee education; (2) maintaining insurance covering both malicious and inadvertent breach events; and (3) developing rapid response plans involving breach counsel to preserve evidence, coordinate with law enforcement and satisfy all state and federal reporting requirements.