WASHINGTON – U.S. Sen. Mark R. Warner (D-VA), a former technology executive, Vice Chairman of the Senate Intelligence Committee, member of the Senate Banking Committee, and cofounder of the bipartisan Senate Cybersecurity Caucus, released the following statement on today’s announcement from credit reporting firm Equifax that a data breach could have potentially affected 143 million consumers in the United States:
“The recent news that one of the largest credit reporting agencies and data brokers in the U.S. suffered a breach involving over 143 million Americans is profoundly troubling. While many have perhaps become accustomed to hearing of a new data breach every few weeks, the scope of this breach – involving Social Security Numbers, birth dates, addresses, and credit card numbers of nearly half the U.S. population – raises serious questions about whether Congress should not only create a uniform data breach notification standard, but also whether Congress needs to rethink data protection policies, so that enterprises such as Equifax have fewer incentives to collect large, centralized sets of highly sensitive data like SSNs and credit card information on millions of Americans. It is no exaggeration to suggest that a breach such as this – exposing highly sensitive personal and financial information central for identity management and access to credit– represents a real threat to the economic security of Americans.”
Sen. Warner has been a leader in calling for better consumer protections from data theft. In the aftermath of the Target breach that exposed the debit and credit card information of 40 million customers, Sen. Warner in 2014 chaired the first congressional hearing on protecting consumer data from the threat posed by hackers targeting retailers’ online systems. Sen. Warner also partnered with the National Retail Federation to establish an information sharing platform that allows the industry to better protect consumer financial information from data breaches.
Sen. Warner has been working to develop bipartisan legislation to create a comprehensive, nationwide and uniform data breach standard requiring timely consumer notification for breaches of financial data and other sensitive information.