January 24, 2020

State, Private Attorneys Help Indiana Businesses Understand Data Breach Issues

Original story from   IPBS-RJC

Article origination IPBS-RJC
(left to right) Ice Miller associate Mason Clark and partner Stephen Reynolds present with Office of Attorney General Section Chief Doug Swetnam at the Indiana Chamber 2020 Business Technology Summit. - Samantha Horton/IPB News

(left to right) Ice Miller associate Mason Clark and partner Stephen Reynolds present with Office of Attorney General Section Chief Doug Swetnam at the Indiana Chamber 2020 Business Technology Summit.

Samantha Horton/IPB News

The Indiana Attorney General’s Office says it’s received at least 900 reports of data breaches annually for the past three years. That number is only a fraction of the breaches happening around the state.

Traditional data breaches stole information including social security and driver's license numbers or credit card information. However, with more card fraud protections and more supply than demand for personal information, hackers are targeting other data.

Stephen Reynolds is a partner at law firm Ice Miller. He works with businesses in Indiana and around the world on data security and privacy issues. He says there’s been a shift in the information hackers are trying to collect.

“What I’m seeing is a lot of attacks focused on fund transfer fraud, business email compromise,” says Reynolds. “So essentially hackers trying to trick companies to wiring money out of the door.”

Reynolds says even if a business doesn’t deal directly with consumers, their employer information and finances are still potential targets.

Under Indiana law a data breach is considered “an unauthorized disclosure of identified or identifiable information.”

Indiana Attorney General Data Privacy and Identity Theft Unit Section Chief Doug Swetnam says the state’s specific language means not all breaches are reported.

“So a breach that contains, log-in and passwords, wouldn’t necessarily trigger a reporting requirement for a company, but it’s a breach and it’s the kind that could actually jeopardize your information on important sites,” says Swetnam.

He says some of those include tax, healthcare and financial sites.

Ransomware and fund transfer fraud are expected to be some of the top cybersecurity threats for businesses in 2020.

Contact Samantha at shorton@wfyi.org or follow her on Twitter at @SamHorton5.

Support independent journalism today. You rely on WFYI to stay informed, and we depend on you to make our work possible. Donate to power our nonprofit reporting today. Give now.

 

Related News

Advocates warn election results could lead to more limits on reproductive rights
Voters retain all 18 Marion County Superior Court judges
Republican incumbent Jim Baird wins reelection in Indiana’s 4th Congressional District