For Immediate Release:
Friday, January 28, 2022
Nazneen Ahmed (919) 716-0060
(Raleigh) Attorney General Josh Stein today released the North Carolina Department of Justice’s 2021 data breach report recapping a record 2,009 data breaches affecting more than 2.4 million North Carolinians.
“2021 saw a record number of data breaches reported to my office,” said Attorney General Josh Stein. “That means millions of North Carolinians’ private information was put at risk. On this Data Privacy Day, organizations and individuals should all take steps to protect against criminals trying to steal our identities and our money. I will never stop fighting against these scammers, and I will hold accountable any organizations that fail to put in place reasonable protections to keep people’s data safe.”
Ransomware attacks represented a growing threat to businesses and people everywhere in 2021. This year, our office reported a record 605 ransomware breaches, a nearly 50 percent increase over last year’s record. The attacks made up a record 30 percent of all breaches reported to our office. People should follow these tips to protect themselves and their organizations from ransomware:
- Regularly update your antivirus and application software.
- Train employees and users on cybersecurity best practices.
- Only conduct business on legitimate websites and software programs.
- Do not click on links unless you are sure they are safe.
- If you think you’ve been the victim of a ransomware attack, report it to the FBI or the U.S. Secret Service immediately.
Other highlights from the 2021 data breach report include:
- 2021 marked the 12th consecutive record-setting year of data breaches reported to DOJ. The 2,009 notices represent a 22 percent increase over 2020.
- In 2021, more than 2.4 million North Carolinians were affected by data breaches.
- Ransomware breaches accounted for a record 30 percent of all breaches in 2021.
- Phishing and hacking attacks, the leading causes of ransomware breaches, accounted for nearly 90 percent of all data breach reports in 2021.
Under state law, businesses and government agencies must notify our office when a security breach occurs. These reports allow our Consumer Protection Division to help protect people who are impacted, inform the public about the scope of this issue, and, if necessary, take action to hold companies responsible for business practices that fail to protect North Carolinians. If you believe you or your organization was the victim of data breach, contact our office at (919) 716-6000.