CyberNews Briefs

New York updates its breach notification law in response to Equifax, GDPR

From March 2020, New York state legislation will require organizations to notify people whose email address was compromised in a data breach together with authentication credentials (password and/or security questions and answers) “in the most expedient time possible and without unreasonable delay,” which in practice means within 30 days.

The new legislation, called the Stop Hacks and Improve Electronic Data Security (SHIELD) Act also covers biometric data. It was inspired by the 2017 Equifax data breach and the EU’s General Data Protection Regulation (GDPR). Governor Andrew Cuomo signed it into law last Thursday.

Read more: New York updates its breach notification law in response to Equifax, GDPR

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.