The Daily Bulletin Archive

State laws set specific requirements for how companies communicate a data breach to consumers and to state agencies like the New York State Attorney General’s Office. Foreign countries also have breach notification laws, and these must be followed as well if citizens of those countries are part of the breach. Uber, a California-based company, seems to have violated these laws by not informing anyone, at least for one year, following a cybersecurity incident. A California company still has to follow New York State laws for those customers residing in New York State. If your information is involved in a data breach, the company is required to follow the law. Read more about the Uber data breach notification problem in Data Breach Today.