Tannenbaum Helpern Syracuse & Hirschtritt, LLP
About Us Careers Contact Us Search
Home Practice Areas Industries Case Results Attorneys Publications Events Press Room

NY Businesses Reported a Record Number of Data Breach Incidents in 2016

Click here to download PDF

The New York State Attorney General’s office recently announced that it had received approximately 1,300 data breach notifications in 2016, a 60 percent increase over the previous year. The reported breaches resulted in the unauthorized exposure of personal and financial information of about 1.6 million New York State residents.[1]

The Office of the Attorney General began collecting information regarding the unauthorized exposure of personal data after New York’s General Business Law section 899-aa was enacted in 2005. That statute generally provides that parties conducting business in New York State that own or license computerized data containing individuals’ “private information” must disclose any breach to any New York State residents whose private information was, or is reasonably believed to have been, acquired without valid authorization. In addition, businesses that suffer such a breach must notify the Attorney General and other agencies. Approximately 46 other states currently have similar data breach notification laws.

Of the roughly 1,300 incidents reported, hacking accounted for more than 40 percent of the data security breaches in 2016. Employee negligence or malfeasance, including the inadvertent exposure of records, lost devices and intentional wrongdoing, constituted another approximately 37 percent of these breaches. The most frequently acquired information in 2016 was Social Security numbers, financial account information, driver’s license numbers, dates of birth and password/account information.

No organization is immune from the risk of data breaches, which can expose firms to numerous legal obligations and may result in significant liabilities. Therefore, businesses of all sizes must guard against common causes of data breaches, such as hacking and employee acts or omissions, by:

  • creating and implementing a data breach incident response plan,
  • evaluating existing systems and vendor agreements to identify vulnerabilities,
  • assessing the need for cyber insurance,
  • frequently educating employees on cyber risks, and
  • promptly investigating and remediating breaches.

For more information regarding the topic, contact Michael Riela at riela@thsh.com or at 212.508.6773. Visit us at www. thsh.com to learn more about Tannenbaum Helpern’s Cybersecurity and Data Privacy practice.

About Tannenbaum Helpern Syracuse & Hirschtritt LLP

Since 1978, Tannenbaum Helpern Syracuse & Hirschtritt LLP has combined a powerful mix of insight, creativity, industry knowledge, senior talent and transaction expertise to successfully guide clients through periods of challenge and opportunity. Our mission is to deliver the highest quality legal services in a practical and efficient manner, bringing to bear the judgment, common sense and expertise of well trained, business minded lawyers. Through our commitment to service and successful results, Tannenbaum Helpern continues to earn the loyalty of our clients and a reputation for excellence. For more information, visit www.thsh.com. Follow us on LinkedIn and Twitter: @THSHLAW.



Like us on FaceBook Follow us on Twitter Get LinkedIn with us Pin It! Email Us Print this Page

Sitemap | Terms of Use | Privacy | Attorney Advertising

Tannenbaum Helpern Syracuse & Hirschtritt LLP provides legal advice only to individuals or entities with which it has established an attorney-client relationship and such advice is based on the particular facts and circumstances of each matter. Contacting us through this site, or otherwise, will not establish an attorney-client relationship with us. Any e-mail or other communication sent to THSH or its lawyers through this site will not be treated as subject to the attorney-client privilege or as otherwise confidential and you should not include any confidential information in any such communication.