Retailers fight to silence customer data breaches

Violet Blue reports:

A consortium of retailers, including Target and Home Depot, vowed to fight a data breach notification bill. The bill, HR 2205 from Reps. Randy Neugebauer (R-Texas) and John Carney (D-Del.), would require companies to tell customers when they’ve been hacked and would also require the encryption of data in both storage and transit. It would hold retailers to the same data-security standards as the financial sector.

Read more on engadget.

Actually, I don’t really blame them for opposing it, as it’s not a good bill. And do we really need another data breach notification bill that exempts government entities? Or that requires an SSN to trigger notification for a personal information breach? I don’t think so.

CISA orders federal agencies to patch Sitecore zero-day following hacking reports
3rd Circuit Clarifies Scope of Computer Fraud Abuse Act With Employer's Policies
Appeals Court Upholds FCC Data Breach Rules for Hacked Telecoms
CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch
Former JBLM soldier pleads guilty to attempting to share military secrets with China
US govt login portal could be one cyberattack away from collapse, say auditors

Related: