• BREAKING NEWS ABC shows live and on-demand -- Download the WATCH ABC app!

Attorney General: Small businesses are main targets of cybercrime

California Attorney General Kamala Harris is taking action to play a bigger role in fighting cybercrimes.
February 27, 2014 12:00:00 AM PST
Data breaches in California over the last two years have compromised more than 20 million customer accounts. Now California Attorney General Kamala Harris is taking action to play a bigger role in fighting cybercrimes.

According to Harris, a large number of cybercriminals are looking for someone who forgot to "lock the door." In other words, they're after those victims who make it easy for the criminal to engage in hacking, malware and data breaches.

Harris found that small businesses are among the most vulnerable.

Most of us have heard about the massive data breach at Target and other large stores. But according to Attorney General Harris, California small businesses and some government agencies have been the victims of at least 300 separate data breaches during the past two years, allowing cybercriminals to access the personal information of some 20 million small-business customers.

Small businesses just don't have the resources or the funds to do the job. Thursday, Harris said it's time to make cybersecurity a priority.

Harris said the California Department of Justice will be playing a more active role in advising employers about the need to make their credit card and debit card purchases, along with the personal information that goes with it, more secure.

In fact, Harris released a 34-page guide with advice for smaller businesses, including:

  • Encrypt all data
  • Use a secure browser connection
  • Install firewalls
  • Protect passwords
  • Educate employees

The Attorney General's Office said small and medium sized businesses usually don't have full-time security personnel. As a result, nearly a third of all hacking attempts targeted businesses with fewer than 250 employees.

According to the Attorney General's Office, in 2003 California was the first state to pass a law mandating data breach notification, which requires businesses and state agencies to notify Californians when their personal information is compromised in security breach.

In 2012, companies and state agencies subject to the law were required for the first time to report any breach that involved more than 500 Californians to the Attorney General's Office. That first year, The Attorney General's Office received reports of 131 data breaches, which placed the personal information of an estimated 2.5 million Californians at risk.


Load Comments