An Analysis of Cybersecurity Data Breach in the State of California

Abstract

As the wave of data breaches continues to crash down on organisations, we will analyse the largest publicly available database of data breaches in the state of California using the public data breach database functioning under the state notification law of data breach. The dataset contains records since January 2012. These records were analysed in order to classify and identify California data breaches by multiple company types, attack vectors and stolen personal information. The main findings were that Software vulnerability is the most common attack vector due to third-party software, the financial industry is the most targeted industry while both large and small organisations are equally targeted by attackers. The analysis also found that credit/debit card information and social security numbers represent the most stolen personal information.