Research and Statistics

Attorney General Holder calls for data breach disclosure law


U.S. Attorney General Eric Holder said Congress should require businesses to tell customers promptly after hackers steal information

The content on this page is accurate as of the posting date; however, some of our partner offers may have expired. Please review our list of best credit cards, or use our CardMatch™ tool to find cards matched to your needs.

U.S. Attorney General Eric Holder is calling for new tools to fight cybercrime, in the wake of data breaches that have exposed personal data from tens of millions of Americans to hackers and identity thieves.

In a video address Monday, Holder urged Congress to pass a nationwide requirement for retailers and other businesses to notify customers and law enforcement when they have suffered a data breach.

“Today I’m calling on Congress to create a strong national standard for quickly alerting customers whose information may be compromised,” Holder said.

Such a measure would help law enforcement investigate hacking, help consumers protect themselves, and “hold entities accountable when they fail to keep sensitive information safe,” he said.

Holder cited the high-profile breaches of Target Corp. and Neiman Marcus in late 2013 that exposed payment information and other details that could be used to steal consumers’ identities.  The breach at Target alone exposed card information of about 40 million consumers and the personal details, such as addresses and phone numbers, of up to 70 million.

According to the National Retail Federation, 46 states and the District of Columbia have legislation setting various standards for the disclosure of data breaches. The industry group supports replacing the state-level requirements with a national standard.

See related: Data breaches: Who’s to blame, Data breaches spotlight EMV chip cards

Editorial Disclaimer

The editorial content on this page is based solely on the objective assessment of our writers and is not driven by advertising dollars. It has not been provided or commissioned by the credit card issuers. However, we may receive compensation when you click on links to products from our partners.

What’s up next?

In Research and Statistics

Capital One backs away from invasive debt collection policy

Capital One will modify controversial terms saying it can visit cardholders, and denied spoofing its number on caller ID systems

See more stories
Credit Card Rate Report
Cash Back

Questions or comments?

Contact us

Editorial corrections policies

Learn more