They also agreed that the agencies are moving forward jointly on reforming the Community Reinvestment Act, but hedged on when a proposal could be released.
Although data breaches are rare, almost half – 44 percent – are caused by third-party vendors, according to an esentire survey. Of the data breaches that happened from a vendor, only 15 percent of firms affected reported that the vendor informed them when a breach happened. The survey was sent out to 600 information technology and security decision-makers, asking about their top concerns around supply chain and policies or procedures used to mitigate identified vendor risks. Sixty percent of respondents said their organizations have formalized third-party policies, and most firms (90 percent) review these policies annually. While most (81 percent) find the policies effective, breaches still happen.
New law requires consumer notification if a hacker obtains private data such as passport numbers, usernames and passwords
OLYMPIA — Today, with a unanimous, bipartisan vote, state legislators passed a bill requested by Attorney General Ferguson that strengthens data breach notification laws. The bill expands consumer data breach notification requirements to include more types of consumer information. It also reduces the deadline to notify consumers to 30 days from 45 days. Rep. Shelley Kloba, D-Kirkland, sponsored the bill, which passed the House in a unanimous, bipartisan vote on March 1. “My office has seen the number of Washingtonians impacted by data breaches increase year after year,” Ferguson said. “Data breaches are a serious threat to our privacy, and this law will arm consumers with information to protect their sensitive data.”