SBT Graphic/COURTNEY SEANOR, THINKSTOCK
At a glance
Indiana and Michigan laws require businesses to inform their customers, credit reporting agencies and the Indiana attorney general about security breaches that have placed anyone’s personal information in jeopardy. If a company fails to report a breach, the Indiana attorney general can seek up to $150,000 and the Michigan attorney general can seek up to $750,000 in penalties.
Personal information means a Social Security number or an individual’s name in combination with any one of the following data elements: driver’s license number, account number, a state identification card number or a credit card, debit card or financial account number in combination with any required security code.
For more information on reporting a breach, visit www.in.gov/attorneygeneral/3037.htm.
For those concerned about the Anthem data breach, a special website, AnthemFacts.com, and toll-free number, 877-263-7995, have been set up.
Anthem has added about 1,000 customer service representatives to answer questions about the breach and is offering free credit monitoring and identity protection services to affected individuals. Details will be posted on the website when they are available. Also, letters will be mailed to those affected.
Early in 2013, international criminals remotely hacked into Hacienda Mexican Restaurants' systems at two locations and stole clients' credit card numbers.
The company was working with an outside firm to ensure its compliance with security regulations for credit card processing and had layers of passwords, firewalls, spyware and encryption in place. But that didn't stop the bad guys.
Hacienda was quick to react, alerting customers of the breach through social media and traditional news outlets. It also took its credit card system offline at all 20 of its locations until the system was secure. And it hired an international cybersecurity analyst to investigate the data breach.
"It totally amazed us that out of all the U.S. companies, these guys — apparently out of Russia — landed on us," said Jeff Leslie, vice president of sales and marketing at Hacienda, with home offices in South Bend.
Since that time, an increasing number of high-profile data breaches at companies such as Anthem, Target, Home Depot, Jimmy John's, Sony and many more has illustrated that no one is immune to cyber attacks.
"We invest a lot of time and energy into cybersecurity research and development in this country," said Von Welch, director of the Center for Applied Cybersecurity Research at Indiana University. "But I think it's very unlikely that we will come up with a silver bullet. It's not a problem that is going to go away."
Because of this, it's important for companies to report breaches so we can learn from them, he said.
Copyright © 2024, South Bend Tribune