California Senate passes amendment to breach law to incorporate access to online accounts

California continues to lead the way in protecting consumers whose data have been breached. By a vote of 37-0-1 last week, the Senate passed S.B. 46, a bill introduced by Senator Ellen Corbett.

The bill amends existing law to expand required notification to situations involving access to an online account. The law would still incorporate an acquisition standard as a trigger for notification, but the definition of personal information is amended to replace “username, password” with “(2) A user name or email address, in combination with a password or security question and answer that would permit access to an online account.”

The bill now moves to the House.

h/t, Law360.com

California Sets 30 Day Deadline for Data Breach Notifications
Harrods warns customers their personal data could have been stolen by hackers in new cyber-attack
SEC to Notify Crypto Businesses of Technical Violations Before Taking Action: Report
English Court of Appeal Rules on Compensation for Data Breaches
3rd Circuit Clarifies Scope of Computer Fraud Abuse Act With Employer's Policies
HHS OCR Settles HIPAA Ransomware Security Rule Investigation with BST & Co. CPAs, LLP

Related: