Obama Administration Proposes More Cyber Security Regulation as Retailers Testify
It's a relatively new playing field, but cyber security is no joke and the Obama administration is making that clear. Acting Assistant Attorney General Mythili Raman told a Senate Judiciary Committee hearing Tuesday that the government would like for there to be new regulation that requires retailers to quickly report electronic identity thefts.
The government's stance comes after major retailers such as Target and Neiman Marcus were hit with major electronic thefts including sensitive personal information such as credit card information. Target's cyber security breach affected up to 110 million of its customers while Neiman Marcus reports that personal data of 1.1 million of its customers were breached over a three-month period in 2013.
"Businesses should be required to provide prompt notice to consumers in the wake of a breach," Raman said. "American consumers should know when they are at risk of identify theft or other harms because of a data security breach."
Executives from both retailers Target and Neiman Marcus testified in the hearing Tuesday, emphasizing that the cold hard reality, sadly, is that cyber security breaches will continue to be a major issue for retailers.
"The unfortunate reality is that we suffered a breach, and all businesses -- and their customers -- are facing increasingly sophisticated threats from cyber criminals," Target chief financial officer John J. Mulligan said. "In fact, recent news reports have indicated that several other companies have been subjected to similar attacks."
Neiman Marcus senior vice president Michael Kingston also chimed in, stating that its anti-virus software was so useless that the company did not learn of the security breach until January. The cyber attacks took place between July and October.
"Never has the need for legislation been greater," Federal Trade Commission Commissioner Edith Ramirez said. "With reports of data breaches on the rise, and with a significant number of Americans suffering from identity theft, Congress needs to act. "
The Tuesday hearing is the first time Target has gone public about the December attacks.
"We know this breach has shaken their confidence in Target, and we are determined to work very hard to earn it back," Mulligan told the committee.
One proposed solution is the increased widespread adoption of EMV technology. A more common practice in Europe, EMV technology creates a new code for every transaction, making it far more difficult to counterfeit cards and use stolen data. With support from senators, many major credit card companies are stating they expect major retailers to have EMV chips by October 2015.
"We need to move together collectively so the whole system is employing chip and PIN technology," Mulligan said.
Have you been the victim of a cyber security breach? If so, let us know your story in the comments below.
Subscribe to Latin Post!
Sign up for our free newsletter for the Latest coverage!