Officials push new NC data breach bill

RALEIGH, N.C. (WNCN) — In the face of unprecedented numbers of security breaches in North Carolina, some state officials want to change the state’s identity theft laws.

The state attorney general’s office says North Carolina experienced more than 1,000 data breaches last year affecting more than 5 million residents.

How do they know that? State law requires data breaches be reported to the attorney general’s office in “a timely fashion.”

But Attorney General Josh Stein and some lawmakers say that’s not good enough and it’s time to improve the state’s identity theft protections.

news-app- download-apple-350x50news-app-download-android-350x50

The first ever North Carolina Security Breach report compiled by the state department of justice indicates hacking, phishing, and accidental releases of information are three of the top kinds of data breaches that were reported in the state last year.

As criminals get better at stealing our information, some believe the laws in the state need to get better too.

Rep. Jason Saine (R-Lincoln) says it’s an issue that cuts across party lines.

“This is something members of both parties understand. It’s very critical to citizens across the state and something we need to address,” he said.

Saine is working with the attorney general to file a bill that would update what constitutes a security breach.

Among the bill’s highlights:

• Ransomware attacks would now be considered a breach

• the law would require quicker notification to the Attorney General, within 15 days of a breach

• It would allow credit freezes to be added or lifted for free at any time

• It requires a company is using a credit report to obtain the consumer’s permission first

In the case of a recent security breach at Uber, the company waited a year before notifying consumers. Stein says a practice is like that is unacceptable.

“We want to have a gold standard piece of legislation in North Carolina, and we searched the country to identify the best ideas and put them in this bill,” said Stein.

The Attorney General also says his office has begun a formal investigation of Uber’s security breach to see if they violated any NC laws.

Stein says he’ll be working with attorneys general in 41 other states to take whatever action is necessary regarding that breach.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s