A House committee approved on April 15 a national data breach notification bill, but the committee chairman concedes that the legislation isn't quite ready for a vote by the full House of Representatives.
White Lodging Services Corp. has revealed a malware attack against point-of-sale systems at 10 of the hotels it manages, potentially exposing payment card data. The disclosure comes about a year after it confirmed a similar malware-related breach.
The House Intelligence Committee has approved cyberthreat information sharing legislation that its leaders developed. Meanwhile, a national data breach notification bill has been introduced that's modeled on language proposed by the White House.
Efforts by some Democratic members of a House subcommittee to amend a national data breach notification bill so that states could retain tougher data security requirements have failed. The measure now advances to a full committee.
Witnesses testifying at a House hearing offered divergent views on the language of legislation to nationalize data breach notification, showing the challenges lawmakers face in crafting a bill that can pass Congress and be signed by the president.
Premera Blue Cross is notifying 11 million individuals about a cyber-attack that exposed personal information. The breach comes on the heels of the massive hack attack against Anthem, which runs Blue Cross and Blue Shield plans.
A proposed national data breach notification bill to usurp 47 state statutes could make it easier for businesses to notify consumers of a breach. But is that worth weakening PII protections some states offer? Massachusetts plans to do battle.
A draft bill circulating in Congress to create national requirements for data breach notification could be the vehicle used to win support for a compromise from lawmakers supporting the divergent interests of the business community and privacy advocates.
Massive breaches, such as the recent hacker attack on health insurer Anthem, highlight why it's important for organizations to understand their breach notification obligations under state laws as well as HIPAA, says attorney Brad Rostolsky.
Information on 50,000 drivers for ride-sharing service Uber was breached in May 2014, the company discovered in September and announced on Feb. 27. Uber has launched a related lawsuit and is seeking records from code-sharing website GitHub.
Anthem Inc. now confirms that the health insurer's recent data breach compromised a database containing personal information on 78.8 million individuals, with information on millions potentially stolen.