Security News > 2024 > May > SEC: Financial orgs have 30 days to send data breach notifications
The Securities and Exchange Commission has adopted amendments to Regulation S-P that require certain financial institutions to disclose data breach incidents to impacted individuals within 30 days of discovery.
Notify affected individuals within 30 days if their sensitive information is, or is likely to be, accessed or used without authorization, detailing the incident, breached data, and protective measures taken.
The modifications represent an important update to a rule initially adopted in 2000 that could no longer adequately protect customers' financial data privacy in today's cybersecurity landscape.
In December, the SEC also introduced new rules requiring all public companies to disclose that they suffered a breach if it materially affected or is reasonably likely to materially affect business strategy, results of operations, or financial condition.
WebTPA data breach impacts 2.4 million insurance policyholders.
AT&T faces lawsuits over data breach affecting 73 million customers.
News URL
Related news
- Dutch Police: ‘State actor’ likely behind recent data breach (source)
- Comcast and Truist Bank customers caught up in FBCS data breach (source)
- Internet Archive hacked, data breach impacts 31 million users (source)
- Internet Archive data breach, defacement, and DDoS: Users’ data compromised (source)
- Fidelity Investments says data breach affects over 77,000 people (source)
- Fidelity Data Breach Exposes Data of Over 77,000 Customers (source)
- USDoD hacker behind National Public Data breach arrested in Brazil (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Insurance admin Landmark says data breach impacts 800,000 people (source)
- Henry Schein discloses data breach a year after ransomware attack (source)