Chairman John D. (Jay) Rockefeller IV today released a staff report titled, “A ‘Kill Chain’ Analysis of the 2013 Target Data Breach.” The report details how Target possibly failed to take advantage of several opportunities to prevent the massive data breach in 2013 when cyber criminals stole the financial and personal information of as many as 110 million consumers.
Rockefeller will formally introduce the report tomorrow when he chairs his third full Committee hearing on data security. The hearing, titled, “Protecting Personal Consumer Information from Cyber Attacks and Data Breaches”, will explore the dangers to consumers posed by recent data breaches. The Chairman will also highlight legislation he recently introduced, the Data Security and Breach Notification Act, that would – for the first time – establish strong, federal consumer data security and breach notification standards. The hearing will begin at 2:30pm in Russell 253. The hearing will also be webcast live via the Senate Commerce Committee website.
SOURCE: Senator Rockefeller (link is to full press release)
Needless to say, I do not necessarily agree with his characterization of the Data Security and Breach Notification Act as offering strong standards.