DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Massachusetts AG Healey Launches Online Data Breach Reporting Portal

Posted on February 2, 2018 by Dissent

Note the last paragraph in the following press release. We’ll have a bit more ready transparency about breaches reported to Massachusetts, but in terms of numbers, we will only see the number of Massachusetts residents affected. That’s still better than what we have right now, though, so good news!

BOSTON – Making it easier and more efficient to report data breaches that affect Massachusetts residents, Attorney General Maura Healey today launched a new Data Breach Reporting Online Portal, which businesses and organizations can use to provide notice to the AG’s Office as required by the Massachusetts Data Breach Notification Law.

The portal, available through the AG’s website, gives organizations the option of reporting data breaches online to the AG’s Office in lieu of delivering a hard copy notice.

“Data breaches are damaging, costly and put Massachusetts residents at risk of identity theft and financial fraud – so it’s vital that businesses come forward quickly after a breach to inform consumers and law enforcement,” said Healey. “This new feature allows businesses to more efficiently report data breaches so we can take action and share information with the public.”

Since November 2007, the AG’s Office has received notice of more than 21,000 breaches, with 3,821 breaches reported in 2017 affecting more than 3.2 million residents.

In September 2017, following a major data breach at credit reporting firm Equifax Inc., Healey filed the nation’s first enforcement action  over the company’s failure to protect sensitive and personal information of nearly three million Massachusetts residents and also announced proposed legislation that will better protect consumers from data breaches.

The Massachusetts Data Breach Notification Law (M.G.L. c. 93H) requires any entity that owns or licenses a consumer’s personal information to notify affected Massachusetts residents, the Office of Consumer Affairs and Business Regulation (OCABR), and the AG’s Office any time personal information is accidentally or intentionally compromised.

Data breaches may occur due to intentional hacking or because of human error, such as sending an e-mail to the wrong person or losing a laptop. Institutions experiencing data breaches range from the largest, most sophisticated institutions in the state to small businesses with only one or two employees. While many breaches affect a relatively small number of consumers, many entities have experienced data breaches affecting large numbers of consumers.

The Massachusetts Data Breach Notification Law was enacted on Aug. 2, 2007, and since then the AG’s Office has been focused on making sure consumers receive proper and prompt notice when their information is put at risk by a data breach. Notification is important so that consumers can guard against harm, ranging from unauthorized use of a credit card to identity theft.

The use of the portal is voluntary and entities can still send written notice to the AG’s Office through mail. Use of the portal does not relieve an organization of its obligations under chapter 93H to also notify OCABR and affected Massachusetts residents.

A database that allows members of the public to view information online about reported data breaches is expected to be available on the AG’s website in the coming weeks. It will allow consumers to see which businesses have reported data breaches and when, as well as the estimated number of affected Massachusetts residents.

SOURCE Office of Attorney General Maura Healey

No related posts.

Category: Commentaries and AnalysesOf NoteState/LocalU.S.

Post navigation

← People are taking Equifax to small-claims court via chatbot — and winning
AU: Notifiable Data Breaches scheme takes effect on 22 February 2018 →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hunters International to provide free decryptors for all victims as they shut down (1)
  • SEC and SolarWinds Seek Settlement in Securities Fraud Case
  • Cyberattacks Disrupt Iran’s Bread Distribution, Payments Remain Frozen
  • Hacker with ‘political agenda’ stole data from Columbia, university says
  • Keymous+ Hacker Group Claims Responsibility for Over 700 Global DDoS Attacks
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • DOJ investigates ex-ransomware negotiator over extortion kickbacks
  • Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
  • One in Five Law Firms Hit by Cyberattacks Over Past 12 Months
  • U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t
  • Oregon Amends Its Comprehensive Privacy Statute
  • Wisconsin Supreme Court’s Liberal Majority Strikes Down 176-Year-Old Abortion Ban

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.