[Dataloss] Call for worldwide breach notification laws
security curmudgeon
jericho at attrition.org
Wed Sep 19 07:58:07 UTC 2007
---------- Forwarded message ----------
From: InfoSec News <alerts at infosecnews.org>
http://www.siliconrepublic.com/news/news.nv?storyid=single9222
By John Kennedy
17.09.2007
High-profile security breaches such as the theft of financial details of
more than 46.7 million TK Maxx customers and the burgeoning level of
personal data held by business have led to the chief security strategist of
a major software firm calling for unified and stringent international laws
requiring firms to reveal breaches as they occur.

Chief security strategist at Citrix Kurt Roemer said that governments,
including Ireland, should establish laws requiring organisations to notify
individuals in the event that their personal information is compromised in
a data security breach.

In March of this year it emerged that details of 45.7 million customers of
US retailer TJX (known here in Ireland as TK Maxx) were stolen. The data
was accessed on TJX’s systems in the UK and in Massachusetts over a
16-month period and the data accessed covered credit and debit card
transactions dating as far back as December 2002.

Such breaches have prompted governments around the world to consider
implementing stringent breach notification laws.
[..]