DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Shortened Breach Disclosure Periods Could Hurt Consumers

Posted on August 2, 2011 by Dissent

Ericka Chickowski writes:

As the SAFE Data Act data breach law made its way to the House Energy and Commerce Committee after passing through the Subcommittee on Commerce, Manufacturing and Trade last week, security experts are wondering at the wisdom of a national data breach law that requires notification within 48 hours of a breach’s discovery. While delayed notifications and stonewalling from some companies have been a big problem following data breaches, some security experts believe that an exaggeratedly short notification window will actually end up hurting consumers rather than helping them.

Read more on Dark Reading.

The article cites Larry Ponemon that most consumers think about 30 days is okay. That’s not consistent with what I’ve been seeing recently where people are getting ticked off in they are not notified within two weeks, but in the bigger picture, their 30-day window may be about right in terms of what the average consumer might expect. Brian Prince comments that another Ponemon study showing that breaches cost more when entities start notifying quickly also argues for not jumping the gun. That’s a good point, but let’s not forget Javelin findings that people who receive breach notices are more than 4x more likely to become victims of fraud or ID theft within the 12-month period, so there is some justification there for prompt notification. How often have we seen data thieves start using data within 30 days? It’s not uncommon.

No related posts.

Category: Commentaries and AnalysesFederalLegislation

Post navigation

← UK: Personal data of those who signed up for contests on The Sun stolen in last month’s hack and posted online
pcs-consultants.com & englishfootball.com hacked by @ThEhAcKeR12 →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • DOJ investigates ex-ransomware negotiator over extortion kickbacks
  • Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
  • One in Five Law Firms Hit by Cyberattacks Over Past 12 Months
  • U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
  • Senator Chides FBI for Weak Advice on Mobile Security
  • Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
  • Kelly Benefits updates its 2024 data breach report: impacts 550,000 customers
  • Qantas customers involved in mammoth data breach
  • CMS Sending Letters to 103,000 Medicare beneficiaries whose info was involved in a Medicare.gov breach.
  • Esse Health provides update about April cyberattack and notifies 263,601 people (1)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Oregon Amends Its Comprehensive Privacy Statute
  • Wisconsin Supreme Court’s Liberal Majority Strikes Down 176-Year-Old Abortion Ban
  • 20 States Sue HHS to Stop Medicaid Data Sharing with ICE
  • Kids are making deepfakes of each other, and laws aren’t keeping up
  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.