Can existing laws protect consumers after Target breach? - WTVM.com-Columbus, GA News Weather & Sports

Can existing laws protect consumers after Target breach?

Posted: Updated:
  • NEWSMore>>

  • Opelika veteran receives Medal of Honor

    Opelika veteran receives Medal of Honor

    Tuesday, September 16 2014 3:47 AM EDT2014-09-16 07:47:03 GMT
    On Monday afternoon, a local veteran received an important military honor. President Obama  awarded retired Army Command Sergeant Major Bennie Adkins in Opelika with the Medal of Honor at the White
    More >>
    On Monday afternoon, a local veteran received an important military honor. President Obama  awarded retired Army Command Sergeant Major Bennie Adkins in Opelika with the Medal of Honor at the White House.
    More >>
  • Improving the White Water Classic

    Improving the White Water Classic

    Tuesday, September 16 2014 3:35 AM EDT2014-09-16 07:35:08 GMT
    Now that Tuskeegee and Albany State have faced off in the first ever White Water Classic football game, Phenix City leaders evaluate the weekend's events and discuss ways to improve it in the future. NewsMore >>
    Now that Tuskeegee and Albany State have faced off in the first ever White Water Classic football game, Phenix City leaders evaluate the weekend's events and discuss ways to improve it in the future. News Leader 9's Tyrone McCoy has some of those ideas.More >>
  • Opelika man arrested in Auburn theft

    Opelika man arrested in Auburn theft

    Tuesday, September 16 2014 3:29 AM EDT2014-09-16 07:29:07 GMT
    On Friday Sept. 12, the Auburn Police Division arrested 22-year-old Garrett P. Nixon from Opelika on felony warrants charging him with Unlawful Breaking and Entering a Motor Vehicle and Theft of PropertyMore >>
    On Friday Sept. 12, the Auburn Police Division arrested 22-year-old Garrett P. Nixon from Opelika on felony warrants charging him with Unlawful Breaking and Entering a Motor Vehicle and Theft of Property Second Degree.More >>
PHOENIX (CBS5) -

At least 70 million people are now in the crosshairs of the Target breach. And alarmingly, that number could soar past 100 million.

"It's a game changer," said Mark Pribish, an identity theft expert and vice-president with Merchants Information Solutions, Inc. in Phoenix. "They still don't have a handle on it," he said about the big box retailer's security breach of customers' personal information.

CBS 5 News is asking if there are any protections for consumers, considering potentially a third of American's have now been affected by the hack.

We found laws on the books here in Arizona may not go far enough to protect you. It's not clear yet how many Arizonans have been affected by this breach, but the number could be huge. Arizona Federal Credit Union reports 20 percent, or 20,000 of its 100,000 total card holders had their personal information stolen due to the Target breach.

"The "Arizona" law is one of 46 state breach-notification laws in the U.S.," Pribish said in referring to Arizona civil statute 44-7501. But as we discovered, that statute only requires that a business notify people affected by a breach. "The requirements are minimal," Pribish added.

He says times have changed, and so have data breaches. Arizona's law needs an update, he says.

Pribish, and some politicians alike, suggest there be "...some information security and governance requirements standards for all business regardless of the size of the business," Pribish said.

That's actually the aim of legislation re-introduced in the U.S. Senate just this past Wednesday.
The Personal Data Privacy and Security Act was first proposed in 2005.

"Since that time, it's been proposed virtually every year, and each year, to be polite, there's a watered down version," Pribish said.

It calls for businesses to have a detailed security program. But it also allows for states and the Federal Trade Commission to levy legal action, including fines, against companies liable for data breaches.

"You could be fined up to $500,000 per incident for each data breach event," Pribish explained.

But Ken Colburn with Data Doctors says those "standards" may be a bit futile.

"There's already requirements as a retailer for anybody that's taking credit cards, to comply with the processing card industry requirements," Colburn said.

He points to a more frightening risk not addressed in either PDPSA bill or Arizona's current legislation.

As Colburn put it, "The human on the inside of a system has always been the number one security risk."

The cost of a breach to you, the consumer, could be high. And to companies too. A computer software security company called Symantec found the cost of detection and notification of a breach could cost $188 per customer. If 70 million Target customers are at risk, the breach could cost Target $1.3 billion.

Copyright 2014 CBS 5 (KPHO Broadcasting Corporation). All rights reserved.

Powered by WorldNow

1909 Wynnton Road
Columbus, Ga. 31906

FCC Public File
publicfile@wtvm.com
706-494-5400
EEO Report
Closed Captioning

All content © Copyright 2000 - 2014 Worldnow and WTVM. All Rights Reserved.
For more information on this site, please read our Privacy Policy and Terms of Service.