Around a million people in the US state of Massachusetts have had their credit card numbers, medical records or other personal information leaked or stolen over the past two years.

According to records provided to the Boston Globe by state officials, one in six people have been affected following the theft of laptop computers and the loss of a computer data tape. However most of the stolen details involved successful hacker attacks on computer centres, where large amounts of personal data are stored.

There have been no confirmations on whether any of the incidents of leaked or stolen data resulted in any instances of identity theft, as the state's records reflect only that the information was exposed.

The Globe reported that as of November 2009, the state had received 807 data breach notifications from a variety of institutions that collect personal information, from companies to banks and colleges.

On the 1st March, new state regulations will require organisations to take stronger measures to ensure data security. Institutions that hold such personal data will have to write an official security program and train employees to follow it. In addition, organisations will have to encrypt all personal data stored on laptops, flash drives, or other portable devices, or that is transmitted over the public internet or wireless networks.

Joe Bartolotta, a spokesman for Eastern Bank of Lynn, Massachusetts, said: “The regulations are a good reminder of what we're in the business to do.”