Data thefts hit 1.2 million Mass. residents in 2013

September 4, 2014

Deirdre Fernandes

Nearly one in five Massachusetts residents had their personal or financial information stolen in data breaches last year, a figure driven by a massive data theft at Target Corp. stores, according to a state report set for release Thursday, as cybercrime becomes more frequent, sophisticated, and malicious.

On Tuesday, Home Depot Inc. acknowledged it was reviewing a possible security breach of credit and debit card information that one analyst said could be larger than Target’s, which affected some 40 million customers across the country.

In addition, the New York financial giant JPMorgan Chase & Co. and the parent of grocery stores Shaw’s and Star Market have said in the past month that they are investigating potential cyberthefts.

“All of these companies have to be very nervous,” said Barbara Anthony, undersecretary of consumer affairs and business regulation. “If they’re not leery, they are not being diligent enough.”

All told, about 1.2 million people in Massachusetts had personal and financial data compromised in 2013, according to the report by the Office of Consumer Affairs and Business Regulation. The Target breach accounted for nearly 950,000, or 80 percent, of those affected by data thefts last year.

Consumer advocates and security specialists say thieves are seeking new portals to access everything from Social Security numbers to credit card data, targeting unsuspecting organizations, such as colleges and universities.

And they are succeeding.

Reported incidents of data breaches in Massachusetts increased by 59 percent, according to the state.

Criminals are finding it easier and cheaper to get their hands on the technology to break into a company’s network and exploit flaws, said Rik Ferguson, vice president of security research at Trend Micro, an international security software company.

Fortune 500 companies aren’t the only ones susceptible to data breaches.

Banks, health care companies, restaurants, and colleges all reported compromises of customer data last year, according to the state report.