U.S. Attorney General Eric Holder has called on Congress to expedite the creation of a national standard that would alert Americans within a certain time frame after their personal information has been compromised. The standard would require participation from companies that host credit and debit card information from users, as well as other pieces of sensitive, personal information, to collaborate with the government in order to make users more aware of when their data has been compromised and to hold companies accountable. This step would be a small one in addressing the growing threat of cyber security breaches that have not only become more in number over the last year, but have grown in effectiveness.
VISUAL CONTEXT: CYBER THREATS
Holder’s call to Congress comes on the heels of several months of high-profile security breaches into companies bearing household names: Target, Neiman Marcus, Apple. Target’s breach resulted in the compromising of 40 million user accounts. Neiman Marcus’ compromised 1.1 million over a period of several months, and Apple’s most recently has affected an untold number of users.
Apple’s data breach was of a different nature as it did not target shoppers, per se, but still remained altogether risky for millions of users of the company’s iOS and OS X-based devices. The breach involved the interference of an outside party — considered the hacker — who inserts himself between the sessions of a user’s initial verification. Interfering with the recognition of verification of the user at the destination server allows the hacker to gain access to some sensitive information of the user’s that would otherwise require authentication — essentially compromising that user’s account.
Holder said that there is great need for the federal government to extend its hand in ensuring that Americans’ personal data stays out of risk to cyber criminals, and he stated that the measures “would enable law enforcement to better investigate these crimes – and hold compromised entities accountable when they fail to keep sensitive information safe.”
The measure of alerting customers won’t necessarily stem the tide of data breaches, but it will perhaps at least give Americans some peace of mind that companies are not able to disguise the breaches, or brush them under the rug for months.