The report, which details the nature of data breaches reported to her office from 2012 to 2015, found that overall there were 657 data breaches. More than 49 million records of Californians’ personal information were compromised.
Of those, the retail sector was the most vulnerable, accounting for 24% of breaches. The financial sector came in second, accounting for 18%, while the healthcare industry came in third, accounting for 16% of breaches.
The types of data stolen included Social Security numbers, payment card data and medical information.
The report came with recommendations for state policymakers and organizations to protect people’s data, such as using encryption to protect personal information on laptops and portable devices, and using multi-factor authentication on consumer-facing online accounts.
"With more of our personal information online, it is imperative that organizations employ strong privacy practices,” Harris said in the report. "Foundational to those privacy practices is information security: if companies collect consumers’ personal data, they have a duty to secure it."