Large breaches lead to additional government scrutiny

  • Team Omega
  • July 11, 2011

Additional details continue to become available regarding the recent breach of approximately 360,000 Citibank credit card accounts. The breach was first discovered on May 10, and the customer notification process began on June 3. According to Citibank, no account numbers have been compromised yet, but as we have seen with other breaches, it can take months or years for compromised credit cards to surface on the black market.

Various forms of cyber security and data security legislations are being written and discussed on Capitol Hill. Two common points come up during the discussions:

  1. Harsher penalties for cyber criminals.
  2. Stronger data security requirements for banks, card processors, businesses, and 3rd party vendors.

To begin with, all business would want to keep up with the already existing data security and compliance requirements.  Once the initial steps are taken, it is easier to maintain standards of the government or PCI DSS as more regulations are added.