Dan Clark reports: Credit reporting agencies will now be required to register with the state and comply with its cybersecurity regulations, the state Department of Financial Services announced Monday. The new rules are the state’s response to last year’s data breach at Equifax, a credit reporting agency, that exposed the personal information of 143 million people. If a…
Category: State/Local
Virginia Amends Breach Notification Law Applicable to Income Tax Information
Hunton Andrews Kurth writes: On July 1, 2018, HB 183, which amends Virginia’s breach notification law, will come into effect (the “amended law”). The amended law will require income tax return preparers who prepare individual Virginia income tax returns to notify the state’s Department of Taxation (the “Department”) if they discover or are notified of…
Changes to Louisiana’s Data Breach Notification Law Go Into Effect August 1
Joseph J. Lazzarotti, Jason C. Gavejian, and Maya Atrakchi of Jackson Lewis write that changes to Louisiana’s data breach notification law (Act 382) go into effect on August 1 of this year. Those changes include expansion of the definition of personal information, requirements that notification be made no later than 60 days from discovery of…
South Carolina Enacts First Insurance Data Security Act
Edward J. McAndrew of Ballard Spahr LLP writes: South Carolina has become the first state to enact a version of the Insurance Data Security Model Law, which was drafted by the National Association of Insurance Commissioners (NAIC) in 2017. Governor Henry McMaster signed the South Carolina Insurance Data Security Act into law on May 14, 2018. The Act…
Georgia governor vetoes ‘hack back’ bill
Good! Ryan Johnston reports: Following weeks of outcry from cybersecurity companies and independent researchers, Republican Georgia Gov. Nathan Deal vetoed the state’s proposed “hack back” bill on Tuesday. The bill, SB 315, sought to create the misdemeanor crime of “unauthorized” computer or computer network access, criminalizing the act of “intentionally” logging into a computer or website hosted in Georgia without the user first…
Hackers target Georgia Southern, Augusta restaurants
So if you want to prove a hacking bill is a bad idea, engaging in black hat/grey hat activities may not be the best way to persuade people. Tom Corwin reports: A hacking group upset with Georgia legislation that could criminalize what they do targeted Georgia Southern University and two Augusta restaurants in an ongoing…