A new bill was introduced in the U.S. Senate last week calling for jail time for executives who hide data breaches.
As reported by Wired, the bill would result in the imprisonment of executives for up to five years if they don't report a breach within 30 days of learning of it. According to the report, it's not clear whether the bill will go anywhere, given that a similar bill in 2014 – prompted by the massive Target breach – attempted to achieve the same goal.
This year, legislators had a number of high-profile hacks to choose from, including Equifax, which disclosed a huge data breach a few months ago. In that case, 145.5 million consumers’ personal information was exposed, including the credit card information of 209,000 people.
Meanwhile, Uber recently revealed it paid hackers $100,000 to conceal a data breach that occurred last year, exposing more than a million customers' data as well as drivers’ license numbers. The reaction to the news that Uber hid the breach resulted in widespread consternation from regulators around the globe, while all of the state attorney generals in the U.S. vowed to open up inquiries into the data breach and its handling.
The high-profile data breaches come amid surveys that show businesses are not inspiring consumer confidence when it comes to protecting personal information in the event of a cyberattack. In a November press release, Centrify – which commissioned a Ponemon Institute study conducted across the U.S., the U.K., Germany and Australia – announced findings that 62 percent of consumers have been notified by a company or government agency when their personal data was lost or stolen as a result of one or more data breaches. Of those, 36 percent said they had experienced two or more separate incidents. One third of that 36 percent said they ended their relationship with the company that experienced the data breach.