US Senate Looks to Jail Company Execs Who Hide Data Breaches

data breaches

I think we’ve all been met with indignant shock upon learning that news of recent data breaches at companies like Target and Equifax were sat upon, and not released to the public, for months.  Turns out the US Senate is looking to pass a bill that would jail those same executives if the data breach information is not released to the public within 30 days.  While it’s not a foregone conclusion that it will pass, since a similar bill was proposed in 2014 and ultimately failed, we nevertheless think it IS a great idea to hold those who withhold this important information from the public accountable.
(Cindy Taylor/Publisher)


A new bill was introduced in the U.S. Senate last week calling for jail time for executives who hide data breaches.

As reported by Wired, the bill would result in the imprisonment of executives for up to five years if they don’t report a breach within 30 days of learning of it. According to the report, it’s not clear whether the bill will go anywhere, given that a similar bill in 2014 – prompted by the massive Target breach – attempted to achieve the same goal.

This year, legislators had a number of high-profile hacks to choose from, including Equifax, which disclosed a huge data breach a few months ago. In that case, 145.5 million consumers’ personal information was exposed, including the credit card information of 209,000 people.

Meanwhile, Uber recently revealed it paid hackers $100,000 to conceal a data breach that occurred last year, exposing more than a million customers’ data as well as drivers’ license numbers. The reaction to the news that Uber hid the breach resulted in widespread consternation from regulators around the globe, while all of the state attorney generals in the U.S. vowed to open up inquiries into the data breach and its handling.

The high-profile data breaches come amid surveys that show businesses are not inspiring consumer confidence when it comes to protecting personal information in the event of a cyberattack…


Full Story at Pymnts.com