Up to 1.3 million Georgia Tech faculty and students were affected by a recent data breach exposing their names, addresses, Social Security numbers and birth dates.

Last year, Augusta University Health officials feared sensitive health and personal information of 417,000 people may have been compromised.

And if you were around in 2017, you probably remember the infamous Atlanta-based Equifax breach involving a whopping 145.5 million Americans' names.

If you’re tuned in to the news, it may seem as if data breaches are becoming increasingly common across the country.

According to a recent report from English tech research site Comparitech, since 2008, there have been 9,696 data breaches involving more than 10.7 billion records.

Georgia has been particularly vulnerable.

In fact, the state ranked fifth in the country for most breaches between 2008 and June 2019 with a total of 300 breaches affecting 350,628,949 records.

Only California, New York, Texas and Florida had more breaches than Georgia.

So are data breaches simply on the rise? Not necessarily. What's changed in recent years are the laws requiring companies to actually report such breaches. According to Forbes, companies weren't always obliged to tell the public or government when they experienced a data breach.

While data breaches are often caused by avoidable human errors, companies are still falling short when it comes to efficient data and cyber security.

Following the massive 2017 Equifax cyber breach, the Republican staff of the House Oversight and Government Reform Committee launched a 14-month investigation and published a 96-page report emphasizing the credit reporting agency's significant shortcomings.

According to a previous AJC report, the committee made recommendations "about ways that Congress, federal agencies and private companies can prevent future hacks, including moving away from Social Security numbers as the prime way to authenticate a person's identity and studying ways to mitigate security risks." But the report "did little to implicate Congress for failing to pass cybersecurity legislation before or after the breach."

Though Equifax challenged “significant inaccuracies” within the report, the company moved forward in hiring cybersecurity consultants and improving data protections.

Consumer advocacy groups have since stepped up to urge the public to take extra precautions when it comes to protecting their own personal data.

Mike Litt, consumer campaign director with the Colorado-based consumer advocacy group U.S. Public Interest Research Group, known as PIRG, told The AJC's Yamil Berard last year that customers are vulnerable to all kinds of identity theft. But the most common type of fraud, credit card theft, represents about one-third of all cases.

Here’s what you can do to protect your data:

  • Create smart, secure passwords.
  • Don't keep important documents out and about.
  • Set up fraud and consumer alerts.
  • Invest in credit monitoring services.
  • Take a look at this checklist of actions to take if you've experienced identity theft.
  • If you get a phone call about alleged fraud, don't provide personal information. Instead, call the number on your bank card and check in with the security department.
  • Check your free annual credit reports.
  • File your taxes early and get an Identity Protection number.
  • Sign up for a MySSA account to protect your Social Security benefits.

More at consumer.ftc.gov.