A new law in Pennsylvania mandates that organizations experiencing a data breach must provide affected individuals with a year of free credit reporting and monitoring. This legislation, signed by Governor Josh Shapiro, also stipulates that organizations must notify the state attorney general if a breach impacts more than 500 state residents, a reduction from the previous threshold of 1,000. The new law will come into effect in 90 days and aims to enhance consumer protection by addressing breaches involving personal information such as Social Security numbers, bank account details, or driver’s license numbers.
Senator Tracy Pennycuick, a sponsor of the bill alongside Senator Jimmy Dillon, highlighted the increased risks of cybercrimes in the digital age. Pennycuick emphasized that such threats can lead to serious issues like identity theft and financial loss, underlining the need for the new protections. The legislation aims to mitigate these risks by ensuring that individuals affected by data breaches receive necessary tools to monitor and protect their financial information.
Senator Dillon remarked that Senate Bill 824 is designed to provide Pennsylvanians with the means to safeguard their financial health when their personal data is compromised. By offering free credit reports and monitoring, the law seeks to help individuals maintain their financial security and regain peace of mind following a breach. This proactive approach is intended to reduce the impact of data breaches on residents and enhance overall data protection.
The Identity Theft Resource Center reported a record 3,205 data breaches in the United States in 2023, marking a significant increase from previous years. This surge in breaches underscores the growing need for robust data protection measures. The new Pennsylvania law represents a significant step toward improving consumer protection in the face of rising cyber threats.
