Gracie Bonds Staples reports:
Snellville police on Saturday were investigating how thousands of documents containing people’s personal information ended up in a dumpster behind a local strip mall.
[…]
Although police said they didn’t have a lot of information about the documents, the reporter said the paperwork contained credit card information, including three-digit security codes and checking account documents that listed both the account and routing numbers.
Read more on AJC. I expect we’ll eventually learn the source of these documents.
As far as I know, Georgia data breach notification law does not cover paper records. So what will happen here? Maybe nothing. Yet again, we need a strong national data protection law as well as data breach notification statute that covers personally identifiable information in any format.