Cyber security

(The Center Square) – According to a recent study, more than 700 New York businesses were victims of data breaches over five years, and those cyber attacks cost companies more than $38.6 million.

The study by Forbes Advisor was based on data from the FBI's Internet Crime Complaint Center. It found that New York suffered the fourth-highest total of attacks and the fourth-highest financial damage.

From 2017 through last year, 11,343 businesses across the country had their systems breached, leading to losses totaling $431.8 million.

The number of breaches has mostly declined over that timeframe, from 3,593 in 2017 to 1,208 last year. However, the amount of damages has grown. In 2017, businesses lost $55.1 million. Last year's breaches caused $127 million in losses.

That's been the case with New York as well. According to the IC3 data, just 78 of the 705 corporate data breaches over the past five years occurred last year, but those attacks accounted for $12.4 million of the losses.

There are various types of breaches. According to Maryville University, one of the most common attacks is phishing, which involves someone sending an email that appears to come from an innocuous source. However, once someone opens a link or downloads something from the email, they expose the company's data.

Rob Watts, a business editor at Forbes Advisor, said there was no silver bullet to safeguarding company systems against attacks.

"True protection comes from a combination of the right software tools, employee knowledge on cyberthreats and established best practices in using company tech," Watts said. "Many data breaches come as a result of human error, so it's important to make your employees as knowledgeable as possible when it comes to spotting and countering threats."

The Federal Trade Commission reminds businesses they have legal requirements when they suffer a breach. Those vary by state.

According to the New York State Office of Information Technology Services, companies conducting business in New York must notify the State Attorney General's office, the State Police and the State Division of Consumer Protection.

The IC3 data found that California had the most corporate breach events, 1,807, and suffered the most losses, $81 million.

Many of New York's neighboring states were not immune to breaches. Pennsylvania ranked sixth with 380 reported breaches and fifth with $17.8 million in losses, and New Jersey had the seventh-highest number of breaches, 266, and the sixth-most losses at $16.8 million.

Connecticut had 166 breaches over the five years, and its losses of $11.6 million were the ninth-most among states.