Washington State Data Breaches in 2021 – Analysis
The Washington State Attorney General report on data breaches reported to their office in 2021 shows a significant increase over previous years. No surprise there, right? From the Executive Summary:
- 2021 set a new record for the highest number of data breach notices sent to Washingtonians (6.3 million).
- This represents approximately an 80% increase on the previous record of 3.5 million (2018).
- Moreover, this is a nearly 500% increase over last year.
- Businesses, agencies and other entities 280 reported to our office — also a new record.
- This represents about a 260% increase over the previous record of 78 (2017), and nearly five times last year’s total of 60 breaches.
- Cyberattacks and ransomware attacks spiked in 2021.
- Cyberattacks caused 87.5% of all reported data breaches — up from 63% in 2020.
- 150 notices cited ransomware in 2021 — more than the last 5 years combined. A significant proportion of these refer to the ransomware breach of Blackbaud
- Ransomware attacks accounted for 61% of all cyberattacks (150 of 245) and more than half of all breaches (150 of 280).
- 2021 saw the first recorded mega breach since 2018.
- The cyberattack targeted Accellion, a company that specializes in file sharing technology, resulting in the exposure of files in the possession of the Washington State Auditor’s Office. These files contained the personal information of approximately 1.3 million Washingtonians, including residents’ names, Social Security numbers, dates of birth, bank account and routing numbers, addresses, and email.
- This is the third reported mega breach since 2016.