At least 200 times in the last year and a half, sensitive personal data has been lost or stolen, the majority of cases involving federal, state or local agencies, say Privacy Rights Clearinghouse (PRC) data reported by Stateline.org. Since the beginning of 2005, the personal data of 88 million people have been exposed because of security breaches. A hacker in Nebraska last month broke into the state treasurer’s database of child-support data and gained access to the Social Security numbers, bank-account routing numbers, and other personal data of 300,000 people. Oregonians may have had personal data stolen from state computers when an ex-state employee downloaded a virus from a porn site while at work. Personal information about thousands of Illinois state workers has been found in dumpsters twice in the past year.
States are cracking down on identity theft by requiring businesses and public agencies to notify people when their personal information has been compromised because of security breaches. California was the catalyst for requiring consumers to be notified of such data breaches when it passed first-of-its-kind legislation in 2003. Since then 31 other states also have adopted security-breach notification laws, says Consumers Union.