Lawmakers pushed on Tuesday for ways to prevent the kind of consumer data breaches that claimed voluminous amounts of information during the recent holiday season.
Over a few weeks spanning the end of November to mid-December, hackers wielding malware programs penetrated Target's point-of-sale systems and purloined credit and debit card data for some 40 million American customers. An additional 70 million Target shoppers had additional personal information stolen. Neiman Marcus and Michaels Stores also saw consumer data lifted.
It wasn't the first time data breaches have endangered personal information. Attorney General Kamala Harris estimated last year that 2.5 million Californians had their privacy compromised, with retailers the most frequent target of attacks.
"We have to continue to believe that criminals will devote their time to trying to gain access to our personal information," Assemblyman Roger Dickinson, D-Sacramento, said on Tuesday, adding that the data breaches "demonstrated new levels of sophistication as well as pointing out weaknesses in our current payment system."
Dickinson and Assemblyman Bob Wieckowski, D-Fremont, have co-sponsored legislation dealing with data breaches, including requirements around notifying consumers of an incident. Sen. Hannah-Beth Jackson, D-Santa Barbara, also has a bill intended to safeguard credit card information.
Critics faulted Neiman Marcus for taking weeks to publicly acknowledge its data breach. Some speakers advocated requiring businesses to quickly inform customers of data thefts, saying it would help keep consumers informed and give businesses an incentive to shore up security and avoid damaging disclosures.
"Last year there were 619 data breaches in the United States," said Diana Dykstra, chief executive officer of the California Credit Union League. "People say, 'yes, the retailers want to notify,'" she continued. "Can you name 619? I surely can't."