Reported cyber attacks in Washington still elevated, report finds
A new report from the Washington State Attorney General’s Office has found that cyber attacks in the state have dramatically increased over the last two years.
In 2021, there were more than five times as many cyber attacks as 2019. This year’s numbers were lower than last years, but far above pre-pandemic levels. Other types of data breaches, such as unauthorized access, or mistakes, have increased as well, but by far smaller margins.
Washington Attorney General Bob Ferguson said there may a few factors at play. He said more people work from home now than before the pandemic, and there are more bad actors looking to access sensitive information.
“What that tells me, and what that tells my team is, these are not inadvertent mistakes by a company that exposes someone's personal information, this is targeted, this is organized, and this is professional,” he said.
The most common type of data stolen is social security numbers, followed by banking information and health insurance, or medical information.
The attorney general said in light of that increase, he’s asked for a few changes to state law including requiring notices of data breaches provided in languages other than English, and require more opt out notices, and transparency from private companies that collect data so customers are more aware of what information is being collected.
Ferguson said health data is particularly vulnerable. One of the top victims of data breaches was healthcare organizations. Ferguson said many Washington residents are also unknowingly sharing data with private companies, such as period tracking apps or smart watches.
“Most Washingtonians believe that their health information is always protected, that there are laws in all circumstances that will protect your personal health information, and that's not the case,” he said.
That data he said could end up for sale and eventually in the hands of political groups seeking to organize against abortion access, or law enforcement in states that have banned the procedure.
He said there is legislation introduced next session to put more safeguards around healthcare data and require more transparency from data brokers operating in Washington.