ST. PETERSBURG, Fla. - From Orbitz to Target, Yahoo, and now Macy’s, data breaches that jeopardize your personal information are happening daily.

According to Breach Level Index, which tracks breach statistics, more than 9 billion records have been lost or stolen since 2013.

That’s more than 5 million everyday. Or 3,500 every minute.

The question now is why?

Businesses are not taking the proper precautions to protect their data and their computer networks, said John Fay with Abacode Cyber Security. Many companies don’t believe they are a target, but every business is a potential victim, said Fay, adding that businesses should take these steps to invest in online security:

  • Companies should conduct a security assessment.
  • Have all employees take a cybersecurity awareness training program.
  • Develop appropriate policies and procedures which help the entire organization to improve the company’s cybersecurity posture.

Software and hardware will not fix this problem, said Fay, adding that a layered multifaceted approach is needed.

MORE: The scent of cybersecurity?

Each state has laws about privacy and punishments for data breaches. The topic is similar to seatbelts - nobody wanted to wear one until stricter laws were passed.

Companies won’t adopt strong cyber security measures until there are strict laws requiring such or a lot of lawsuits that will send a strong message, Fay said.

For now, consumers can ask companies that may have their personal information what are they doing to protect them.

They may not be ready to answer that question, but it’s time to start asking.

So what can you do? Make sure you do the following:

  • Use two-factor authentication
  • Change your password often
  • Use lengthy passwords with special characters

Make it easy to keep up to date with more stories like this. Download the 10 News app now.

Have a news tip? Email, visit our Facebook page or Twitter feed.