When — and Why — Do Companies Come Clean About Customer Information Getting Hacked?

Facebooktwittergoogle_plusredditpinterestlinkedinmail

Just how do companies decide when to report privacy breaches — to the government, to its customers, and to YOU? The Wall Street Journal has a lengthy piece on the very first steps companies should take upon learning they’ve been hacked. The article says 46 states have laws that specify when a company has to inform people whose records have been exposed in a data breach, but each state interprets the laws differently.

According to the WSJ article:

“Usually, if the data stolen include a name and something like a credit-card or Social Security number, then notification laws are triggered. But sometimes if the data are encrypted or there’s a strong reason to believe that the information won’t be misused, there’s no need to tell anyone. In other cases, credit-card data could be so old that all the cards would have expired. Deciding whether to disclose a breach isn’t just a matter of law. Sometimes companies do it because they’re afraid it will get out or just because they think it’s the right thing to do.”

 

Get Private Wifi   Protect your personal information.
Get DataCompress   Cut your mobile data usage.

Elaine Rigoli

Elaine Rigoli is PRIVATE WiFi's manager of digital content strategy.