Shostack + Friends Blog Archive

 

Mo-mentum on centralized breach reporting?

A Missouri state bill requiring notification of the state attorney general as well as of individuals whose records have been exposed just took a step closer to becoming law.
As reported in the St. Louis Business Journal on April 1:

Missouri businesses would be required to notify consumers when their personal or financial information is compromised in security breaches, under a bill that received initial approval Wednesday from the Missouri Senate.
[…]
f the personal information of more than 1,000 Missourians has been breached, companies would be required to notify the state attorney general’s office, which would have the authority to seek civil penalties up to $150,000 per security breach, under the bill.
The legislation needs a second vote of approval before moving to the House for similar consideration.

St. Louis Business Journal
Should the bill become law, Missouri would become one of several states requiring centralized notification to state authorities for at least some breaches.

2 comments on "Mo-mentum on centralized breach reporting?"

Comments are closed.