How data breaches break down by state and sector

The number of data breaches since 2005 are sliced and diced by state and sector, but nobody should be really surprised by the results.

data breach map intro

Leaking breaches everywhere

Morgan & Morgan, a personal injury law firm, has compiled data that shows 930 million records have been breached since 2005. In 2010, if you received a notification of a data breach, your chances of becoming a victim of fraud were one in nine. By 2012, those odds had shrunk to one in four. Now, in 2014, it’s one in three. Here is a breakdown by state and sector of the data breaches in the past 10 years.

data breach bystate

Data breaches by state

Court Ventures, with 200 million records, pushes California to the top of the state rankings table. Separating the breaches by sector reveals more. We’ll start with Education. (The darker colors indicate the higher number of breaches.)

data breach education

Data breaches in education

Despite UCLA having the single largest breach since 2005, California doesn’t rank number one overall—Arizona does. That’s thanks to the Maricopa County Community College District. Their security breach in 2013 exposed the personal information of 2.4 million people. In May 2014, a class action lawsuit was filed against them by two students, who sought $2,500 each in compensation.

data breach finance

Data breaches in the financial and insurance sector

New Jersey is currently in first position for total records breached in the financial and insurance sector, thanks to the hack of Heartland Payment Systems in 2009, which may have been the result of a global cyber fraud operation. As of April 2012, the total sum of money awarded to victims of the breach was $1,925.

Despite the breach affecting 130 million people and the settlement notice reaching at least 81.4% of them, only 11 valid claims were submitted and processed.

data breach covt military

Government and military breaches

The state, so to speak, at the top of the list for Government and Military data breaches is, as you might have guessed, Washington DC. The agency responsible for most of the compromised records is U.S. Military Veterans, who in 2009 sent a defective hard drive containing a very large Oracle database back to its vendor to be fixed. The vendor determined it couldn’t be repaired and sent it to another firm for recycling. Along the way, 76 million records from the Oracle database on the drive were exposed.

data breach nonprofit

Non-profit breaches

Non-profit organizations have survived relatively unscathed since 2005, with Missouri, in first place, losing ‘only’ 1 million records in data breaches in the last nine years. The 1 million records that were compromised in Missouri were accessed by a dishonest employee of the St. Louis chapter of the Red Cross, who used the information of at least three of the 1 million people affected to commit identity theft.

data breach medical

Breaches in the medical field

It’s believed that Chinese hackers were responsible for the data breach earlier this year of 4.5 million records held by Community Health Systems in Tennessee (putting the state in first place, just ahead of California). Five Alabama residents have filed a class action lawsuit as a result of the breach.

data breach retail

Retail breaches

There has been a slew of retail chain data breaches since late 2013, mostly involving credit and debit card fraud. In January 2014, Target announced a breach affecting 70 million customers, but that still didn’t put them, and the state their headquarters reside in, at the top of the rankings above.

That dubious accolade belongs to TJ Maxx, based in Massachusetts, which suffered a breach of about 100 million records in 2007.

RELATED: Millions of records compromised in these data breaches

The data breach quiz: What have we learned?