NY AG Notes Alarming Increase in Data Breaches

These days, news of the latest data breach - whether involving a local “mom and pop” store or a national retailer - is constantly breaking.  If it seems like breaches are becoming more and more common, it’s because they are.  Much more, as it turns out.

Last week, Attorney General Eric T. Schneiderman announced that, as of May 2016, his office had seen a 40% increase in data breach notifications involving New York residents as compared to the same time period in 2015.  He expects that this pace will continue, and that over 1,000 notices will be received by the end of this year.  This will be a new record.

Any entity doing business in New York suffering a data breach involving a New York resident must report the breach to the Office of the Attorney General under N.Y. Gen. Bus. Law § 899-aa.  In an attempt to streamline the process, affected businesses may now report a data breach and upload a template notice to consumers using an online form available here: https://forms.ag.ny.gov/CIS/breach-reporting.jsp.

The State isn’t just trying to make things easier post-breach, though.  Legislation proposed last year would bring sweeping changes to Section 899-aa, extending its scope of protection and creating substantive security requirements, among other things.  Assuming modifications to the statute are ultimately made, only time will tell if fewer breaches will result.  With latest reports revealing the cost of New York breaches to be about $1.4 billion in 2013 alone, any reduction would be a welcome change to the recent trend.

President Obama Signs the Defend Trade Secrets Act...
Are You at Risk? Attend our upcoming Cyber Securit...

Disclaimer

This website presents only general information not intended as legal advice. Although we encourage calls, letters and emails from prospective clients, please keep in mind that merely contacting Harter Secrest & Emery LLP (HSE) does not establish an attorney-client relationship between us. Confidential information should not be sent to HSE until you have been notified in writing by HSE that a formal attorney-client relationship has been established. Information sent to us before then may not be treated as confidential by HSE or the court.

I have read this and agree     Cancel

Our website uses cookies. By continuing to use our site, you agree to our use of cookies in accordance with our Privacy Policy.