Nearly 500,000 people in Washington were affected by data breaches in the past year, according to a new report from Washington state Attorney General Bob Ferguson. The vast majority resulted from one incident involving T-Mobile, the Bellevue, Wash.-based wireless company, the report says.
In that breach, a hacker acquired sensitive data from close to 330,000 Washingtonians. GeekWire reported the hack when it happened a year ago. The data of about 15 million credit applicants nationwide was stolen from credit reporting agency Experian between 2013 and 2015. Applicants who had their credit checked for T-Mobile phone plans and financing were affected.
“I take our customer and prospective customer privacy VERY seriously,” T-Mobile CEO John Legere said in a statement at the time. “This is no small issue for us.”
The AG’s report is part of a new cyber security law enacted in Washington in July 2015. The new regulations require companies to notify the AG if a data breach affects more than 500 state residents. It also says businesses must let consumers know about breaches “as immediately as possible.”
Since the law was passed, businesses reported data breaches affecting at least 450,000 Washingtonians. The attorney general’s office says the real number “is undoubtedly higher since several companies reported that they were unable to determine the number of individuals affected.”
In the year since the law took effect, the AG received 39 data breach notifications from businesses in the state.