Security News > 2023 > October > FTC orders non-bank financial firms to report breaches in 30 days
The U.S. Federal Trade Commission has amended the Safeguards Rules, mandating that all non-banking financial institutions report data breach incidents within 30 days.
"The addition of this disclosure requirement to the Safeguards Rule should provide companies with additional incentive to safeguard consumers' data."
The FTC emphasizes that submitting a data breach report doesn't automatically imply a violation of the Safeguards Rule, nor does it ensure an investigation or enforcement action.
The new notification requirement will become effective 180 days after publication of the rule in the Federal Register, so the rule should be applicable starting in April 2024.
Lyca Mobile investigates customer data leak after cyberattack.
University of Sydney data breach impacts recent applicants.