Harris attends a news conference to announce the creation of the Mortgage Fraud Strike Force in Los Angeles
California Attorney General Kamala Harris.REUTERS

Nearly half of the population in the US state of California suffered from cyber attacks in 2013, according to its attorney general.

California attorney general Kamala Harris said personal records of 18.5 million people in the state were at risk in 2013 due to cyber intrusions, a seven-fold increase from the previous year.

The state suffered 167 breaches in 2013 at retailers, banks, healthcare providers and government entities, compared to 131 breaches in 2012, when about 2.5 million people were hit by data loss.

Data breaches at retailer Target and online marketplace Living Social have contributed largely to the sudden increase, Harris said in a report. Other major retailer data breaches happened in 2013 include those at Home Depot Inc, art supply chain Michaels Stores Inc and department store chain Neiman Marcus.

While retailers remained the prime targets of hackers, financial institutions and health care providers also became victims to cyber attacks last year.

The hacking attacks resulted in the loss of key data such as social security numbers and credit and debit card account information.

The average amount of fraud connected to a stolen social security number is $2,330 and the average for a credit card is $1,251, Harris said citing statistics from Javelin Strategy and Research, a California financial research firm.

"Data breaches pose a serious threat to the privacy, finances and personal security of California consumers," Harris said.

She noted that greater use of encryption could enhance security and prevent data loss. In addition, the state is drafting a new law that mandates companies to offer at least one year of free theft-prevention assistance to consumers.

Harris also recommended legislation to provide financial aid to small businesses to strengthen cyber security standards.

She noted that "trans-national criminal organisations" appear to be responsible for most of the data breaches.

"Increasingly, highly sophisticated criminal organizations and state-sponsored entities -- located as far away as Russia, China and Eastern Europe -- are responsible for breaches," Harris said.

She also launched an eCrime Unit in the criminal division of the Office of the Attorney General. The unit will be responsible for the investigation and prosecution of large scale identity theft and technology crimes with actual losses in excess of $50,000 (€39,000, £31,000).