Dive Brief:
-
In his weekly video address Monday, U.S. Attorney General Eric H. Holder, Jr. urged Congress to pass legislation requiring retailers to make significant customer data breaches known in a timely manner.
-
Holder said that his office would be better enabled to investigate breaches if retailers were made to disclose issues promptly.
-
He advised that any legislation could hold exemptions for “harmless” breaches to avoid undue burden on retailers.
Dive Insight:
This push comes on the heels of Congressional hearings where members of Congress expressed dismay over the breaches and mixed communications from targeted retailers. While Target, the highest profile victim of malware hacking, did notify customers on its own through emails and other means, the disclosure was seen as somewhat slow-footed and not entirely forthright. Neiman Marcus, another victim of the same malware, was widely criticized for failing to disclose its breach until the news broke elsewhere.
