In a cruel twist of irony, U. S. Attorney General Eric Holder became a target of attempted tax identity theft just as the Justice Department is taking steps to fight such crimes. Holder is calling for a national data breach law, requiring companies that have suffered a breach to be transparent and notify consumers of breaches.
According to The Wall Street Journal, the thieves, who were sentenced to one year and one day in prison, filed fraudulent tax returns and received refunds, using others’ social security numbers and personal information, including Holder’s social security number and date of birth. Now more than ever, Holder understands the importance of protecting against data breaches and its resulting crimes.
The security breaches at Target and Nieman Marcus in early 2014, initially prompted Holder to call for a national data breach law. In a statement issued by the Justice Department, Holder remarked that these regulations will “empower the American people to protect themselves if they are at risk of identity theft.”
Several different national data breach notification bills have been introduced in Congress this year. Senator Patrick Leahy (D-VT) reintroduced the Personal Data Privacy and Security Act. The bill states that a notification delay to individuals whose information is believed to be breached “shall not exceed 60 days following the discovery of the security breach” unless the Federal Trade Commission, the Secret Service or the FBI authorize an extended delay. This is not the first time members of Congress have pushed for a national data breach notification law; however, past attempts have fizzled and died. Perhaps the latest surge in individuals, affected by data breaches, including Holder, will be the push Congress needs to approve such bills.
The ITRC reported a 30% increase of data breaches during 2013 from the previous year. This number will continue to rise, further proving the urgency to protect data breach victims. As the Justice Department and Holder continue to campaign for a national data breach law, the ITRC continues to provide services to all victims of data breaches and identity theft… even the Attorney General of the United States.