PITTSBURGH, Pa. — The Pennsylvania Attorney General has decidedthat the data security breach at TJX is big enough that it hasobviated a Pennsylvania law that required businesses with databreaches to notify cardholders that the card data had beencompromised, according to a story in the PittsburghPost-Gazette.
|The Attorney General's office did not release a statement aboutthe breach.
|The new law, which took effect in the middle of 2006, requiresbusinesses to let consumers know by telephone, letter or e-mail iftheir data has been stolen, but the AG said that no statements arerequired if the breach involves more than 175,000 people or if thecost of notification would be more than $100,000. In those cases,businesses are to use their Web sites and the media to alertconsumers.
|Both criteria appear to have been met in the TJX case and thecompany appeared to have satisfied the law by posting a statementon its Web site and sending press releases to media outlets.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Critical CUTimes.com information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
- Exclusive discounts on ALM and CU Times events.
- Access to other award-winning ALM websites including Law.com and GlobeSt.com.
Already have an account? Sign In
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
