NC Department of Justice releases 2023 data breach report 

Attorney General Josh Stein speaks in Raleigh in this file photo. N.C. Dept. of Public Safety

RALEIGH — North Carolina Attorney General Josh Stein has released a report on data breaches for 2023.  

“So much of our lives and our private information exist online,” said Stein in a media release. “We must take every precaution to protect our data – and the companies that have access to it must take every precaution as well. When businesses fail to safeguard people’s information, my office will not hesitate to hold them accountable.” 

Advertisements

The North Carolina Department of Justice’s (NCDOJ) data breach report contains tips and helpful advice for protecting data online, avoiding phishing scams, and defending against hacking. 

Highlights from the report include: 

  • Businesses reported a record 2,033 data breaches in 2023, the highest number of breaches ever reported to the NCDOJ. 
  • More than 4.9 million North Carolinians were affected by data breaches – the second highest number of people impacted in a single year, second only to the 5.3 million North Carolinians affected in 2017 (largely a result of the Equifax breach). 
  • Hacking-related breaches were at a record high of 1,607, causing 80% of all reported breaches. That number surpassed the previous high of 1,492 in 2021. 
  • Phishing, ransomware, and breaches involving email were all down in 2023. 

Security breaches to general business made up 50% of the reports, followed by 23% in financial services/insurance, and 14% in the health care industry. Government breaches accounted for 3% while educational and nonprofits came in at 5% each.  

The report also notes settlements for data breach issues secured by the NCDOJ.  

Last October, settlements were made with Blackbaud and Inmediata due to inadequate security practices that compromised the personal information of North Carolinians.  

Blackbaud settled for $49.5 million following a 2020 ransomware attack affecting millions nationwide. In that case, the NCDOJ received 313 breach notices, impacting 78,697 residents. North Carolina’s share of the settlement is $1,181,270.  

Inmediata settled for $1.4 million for exposing the health information of 1.5 million consumers over three years. The state will receive $27,870 from that settlement. 

Stein’s release asks members of the public who may have been the victim of a hack and may need to request a free security freeze to contact his office or visit www.ncdoj.gov/securityfreeze. 

About A.P. Dillon 1442 Articles
A.P. Dillon is a North State Journal reporter located near Raleigh, North Carolina. Find her on Twitter: @APDillon_