the staff of the Ridgewood blog
Trenton NJ, Attorney General Christopher S. Porrino and the New Jersey State Police announced that 676 data breaches were reported to the State Police in 2016 affecting more than 116,000 New Jersey account holders. October is National Cybersecurity Month, and the announcement – the first release of annual statistics on data breaches in the state – was made as New Jersey offered advice and resources to residents to protect their sensitive personal information. The Attorney General’s Office also highlighted legal actions taken this year by the Division of Law and Division of Consumer Affairs to address data breaches.
“Doing business online and on our devices has become so routine that it’s easy to let our guard down. But as these statistics on data breaches highlight, it’s critical that we protect our sensitive personal information from the many who seek to access it for harmful ends,” said Attorney General Christopher Porrino. “The internet touches almost all aspects of our daily life, whether we realize it or not, and Cyber Security Awareness Month is a good time to examine whether our accounts are secure. I urge everyone to take advantage of the great resources New Jersey offers in this area.”
To assist in tackling these security challenges, the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) acts as the state’s one-stop shop for cybersecurity information sharing, threat analysis, and incident reporting. Located at the State Police Regional Operations Intelligence Center (ROIC), the NJCCIC brings together analysts and engineers to promote statewide awareness of cyber threats and widespread adoption of best practices.
“Our mission is to help make NJ more resilient to cyber attacks. We encourage all NJ residents and businesses to reach out to the NJCCIC for advice, to subscribe to our alerts, and to report incidents via our website – www.cyber.nj.gov,” said Michael Geraghty, Director of the NJCCIC.
“The statistics compiled present a sobering picture of the challenges that face us when it comes to cyber security,” said Sharon Joyce, Acting Director of the Division of Consumer Affairs. “We urge citizens to use the resources available through the Division of Consumer Affairs in order to protect themselves and their loved ones from identity theft and other forms of cybercrime. In addition, the Division remains committed to protecting consumers from those companies that fail to safeguard or improperly gather personal information.”
The information released by the Attorney General’s Office and the State Police details data breaches in New Jersey occurring in 2016. Data breaches involve the unauthorized access to personal information, which may include a person’s first and last name linked with a social security number, driver’s license number, or account, debit, or credit card number. Under New Jersey law, any business that operates in New Jersey or any public entity that compiles or maintains computerized records that include personal information must disclose any breach of security to customers who are New Jersey residents and whose personal information was or believed to have been accessed by an unauthorized person.
The business sectors most often involved with breaches include finance/banking, health services followed by business services and retail trade. Other areas include education, restaurant, industrial/manufacturing, hotels, non-profits, non-medical insurance, and telecommunications, among others.
The methods used to breach security were led by phishing, a form of fraud in which the attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, instant message or other communication channels, and hacking. Website malware, employee incident, unauthorized email access and ransomware were also utilized.
The Division of Consumer Affairs offers the following Tips to Consumers:
Avoid clicking on e-mail links or attachments from unknown individuals, financial institutions, computer services or government agencies. To check out the message, go to the sender’s legitimate public website, and use the contact information provided.
Adjust device privacy settings to control sharing of data between applications, software and address books.
Choose a strong password containing letters, numbers and symbols. If a website offers two-factor authentication security, use it.
To protect your device from unauthorized access and malware software, install security software, often available from your internet provider, and ensure that firewall and anti-virus protections are updated continually.
Before disposing of any electronic device, wipe the hard drive using specialized software that will overwrite your information; or donate the device to a certified recycling facility that follows government standards for the destruction of data.
Avoid free Wi-Fi, especially for health, financial, and other personal transactions.
Under federal law, consumers can get three free credit reports per year through www.annualcreditreport.com. New Jersey law entitles consumers to an additional three free credit reports annually – one from each of the national credit reporting agencies. Scrupulous checking of credit reports, bank and credit card statements, and subscription services can catch identity theft at its earliest stages.
Parents can report concerns about websites directed to children to the Division of Consumer Affairs, which enforces the federal Children’s Online Privacy Protection Act (COPPA). Parents should take advantage of parental control software offered by their internet service provider, adjust browser settings to limit children’s access, and review history logs to monitor usage.