ALL >> Legal >> View Article
Database Hacks - Are Banks Required To Notify You?
Ever wonder if banks are required to tell customers when
their systems are hacked? You may be shocked to learn that
they are not. The only exception to this standard has been
database hacks that effect California residents. Companies
doing business in California are required to give such
notice under the California Security Breach Information Act.
The situation is changing quickly on the federal level.
Regulations have been issued by federal finance agencies
that now force banks to tell customers when their personal
data has been exposed to unauthorized third parties. The
regulations are issued pursuant to the Gramm-Leach-Bliley
Act, which contains language requiring financial
institutions to prevent unauthorized access and use of
consumer information.
The new regulations appear to be a reaction to several
recent high-profile data leaks. They include incidents such
as Bank of America losing data tapes containing information
for over 1 million government employees and the breach of
databases for LexisNexis ...
... and ChoicePoint. It is well known
that numerous other banks have also been hacked over the
years, but the information has been hushed up.
The new regulations require financial institutions to notify
account holders if the institution becomes aware of
unauthorized access to sensitive customer information. The
directives apply to banks and savings and loan companies,
but not credit unions.
There are two serious loopholes in the regulations. First, a
financial institution that discovers a database breach must
only notify account holders if it is "reasonably possible"
that personal details will be misused. Second, the
regulations only apply to personal data, not business or
commercial accounts.
While these new regulations are a positive step, one could
drive a truck through the two loopholes. Determining whether
it is reasonably possible that your information will be
misused is a vague standard that many financial institutions
will use to withhold information. Put bluntly, the
notification regulations are gutless.
The best method for keeping an eye on database breaches is
to look for stories in the news. Under California law,
companies are required to give notice to California
residents when breaches occur. If you see a story about your
bank giving notice of a hack to California residents, your
personal information may have also been exposed. Hackers do
not restrict their attacks to California residents.
About the Author
Richard A. Chapo is with SanDiegoBusinessLawFirm.com - This article is for information purposes only. Nothing in this article is intended to address the reader's specific situation nor does it create an attorney-client relationship.
Add Comment
Legal Articles
1. Divorce Lawyers: Helping You Navigate Separation With Clarity And CareAuthor: Catherine R. Reynolds
2. The Importance Of Brand Name Registration- Protect Your Business Identity
Author: The Trademark Helpline
3. Application Process For Indian Pcc From Canada
Author: Hardik Shah
4. How To Use Surveys And Polls To Understand Legal Client Needs
Author: jamewilliams
5. Best Bail Lawyer In Delhi
Author: Advocate Deepak
6. Guide To Pardon And Waiver In Canada - Understanding The Process
Author: Hardik Shah
7. Pre-matrimonial Investigations For A Secure And Trustworthy Future
Author: FIDA India
8. Bail Advocate Delhi High Court
Author: Advocate Deepak
9. The Journey Of India's Atmanirbhar Defence Sector With The Make In India Initiative
Author: Dev kumar
10. A Step-by-step Guide On How To Obtain A Ghana Police Clearance Certificate (pcc) From The Uk
Author: jodonjo
11. Track Your Uk Visa Application
Author: SmartMove2UK
12. Best Criminal Lawyer For Bail In Karkarduma
Author: Advocate Deepak
13. The Legal Side Of Business Breakups: Protecting Your Interests With A Business Divorce Lawyer
Author: magerparuas
14. Guide To Digital Fingerprinting For Canadian Citizenship
Author: Hardik Shah
15. Best Cyber Crime Lawyer In Delhi
Author: Advocate Deepak