A report issued by the California Attorney General stated that in 2012, 131 data breaches resulted in the release of personal information affecting more than 2.5 million Californians. This report was elicited from a law that took effect in 2012, which requires California companies and government agencies for the first time to submit copies of their data breach notices to the Attorney General. This law demonstrates that California continues to be a trendsetter regarding data breach notification. In 2003, California was the first state to enact legislation requiring data breach notification. Now, all but four states require such notification. In the near future, other states, that have not already done so, could follow California’s newest data breach law and require state companies and government agencies to submit copies of their data breach notices to the state Attorney General annually. Additionally, California’s report and continued legislation across the county illustrate the extent and types of breaches, the number of people affected by data breaches, and state legislatures’ recognition of data breach danger.