DATA BREACHES
By administratorData breaches and data loss are becoming unfortunately too common. Stolen laptops containing Social Security numbers, hackers accessing bank account records, or lost hard drives or jump drives are making the latest headlines. Consumers’ personal identifying information is finding its way into the hands of identity thieves. The FTC tells us over ten million consumers a year become victims of identity theft.
Burke, Harvey & Frankowski’s data security lawyer, Micah Adkins, represents victims of identity theft. Mr. Adkins has represented thousands of clients in individual and class action cases against the federal government and private companies for their failure to protect consumers’ personal identifying information.
Most consumers do not know their personal identifying information was compromised – stolen or lost – until it’s too late! Why? Two reasons:
(1) Companies do not send breach notifications to the affected consumers; or
(2) consumers do not check their credit reports on a regular basis.
Most states have a breach notification law. The only states that have not enacted breach notification laws are Alabama, Kentucky, New Mexico and South Dakota. Here is a chart of the applicable state breach notification laws with links to the state laws, including Puerto Rico and the Virgin Islands as of October 2010:
| Alaska | Alaska Stat. § 45.48.010 et seq. |
| Arizona | Ariz. Rev. Stat. § 44-7501 |
| Arkansas | Ark. Code § 4-110-101 et seq. |
| California | Cal. Civ. Code §§ 56.06, 1785.11.2, 1798.29, 1798.82 |
| Colorado | Colo. Rev. Stat. § 6-1-716 |
| Connecticut | Conn. Gen Stat. 36a-701(b) |
| Delaware | Del. Code tit. 6, § 12B-101 et seq. |
| Florida | Fla. Stat. § 817.5681 |
| Georgia | Ga. Code §§ 10-1-910, -911 |
| Hawaii | Haw. Rev. Stat. § 487N-2 |
| Idaho | Idaho Stat. §§ 28-51-104 to 28-51-107 |
| Illinois | 815 ILCS 530/1 et seq. |
| Indiana | Ind. Code §§ 24-4.9 et seq., 4-1-11 et seq. |
| Iowa | Iowa Code § 715C.1 |
| Kansas | Kan. Stat. 50-7a01, 50-7a02 |
| Louisiana | La. Rev. Stat. § 51:3071 et seq. |
| Maine | Me. Rev. Stat. tit. 10 §§ 1347 et seq. |
| Maryland | Md. Code, Com. Law § 14-3501 et seq. |
| Massachusetts | Mass. Gen. Laws § 93H-1 et seq. |
| Michigan | Mich. Comp. Laws § 445.72 |
| Minnesota | Minn. Stat. §§ 325E.61, 325E.64 |
| Mississippi | 2010 H.B. 583 (effective July 1, 2011) |
| Missouri | Mo. Rev. Stat. § 407.1500 |
| Montana | Mont. Code §§ 30-14-1704, 2-6-504 |
| Nebraska | Neb. Rev. Stat. §§ 87-801, -802, -803, -804, -805, -806, -807 |
| Nevada | Nev. Rev. Stat. 603A.010 et seq. |
| New Hampshire | N.H. Rev. Stat. §§ 359-C:19, -C:20, -C:21 |
| New Jersey | N.J. Stat. 56:8-163 |
| New York | N.Y. Gen. Bus. Law § 899-aa |
| North Carolina | N.C. Gen. Stat § 75-65 |
| North Dakota | N.D. Cent. Code § 51-30-01 et seq. |
| Ohio | Ohio Rev. Code §§ 1347.12, 1349.19, 1349.191, 1349.192 |
| Oklahoma | Okla. Stat. § 74-3113.1 and § 24-161 to -166 |
| Oregon | Oregon Rev. Stat. § 646A.600 et seq. |
| Pennsylvania | 73 Pa. Stat. § 2303 |
| Rhode Island | R.I. Gen. Laws § 11-49.2-1 et seq. |
| South Carolina | S.C. Code § 39-1-90 |
| Tennessee | Tenn. Code § 47-18-2107, 2010 S.B. 2793 |
| Texas | Tex. Bus. & Com. Code § 521.03 |
| Utah | Utah Code §§ 13-44-101, -102, -201, -202, -310 |
| Vermont | Vt. Stat. tit. 9 § 2430 et seq. |
| Virginia | Va. Code § 18.2-186.6, § 32.1-127.1:05 (effective January 1, 2011) |
| Washington | Wash. Rev. Code § 19.255.010, 42.56.590 |
| West Virginia | W.V. Code §§ 46A-2A-101 et seq. |
| Wisconsin | Wis. Stat. § 134.98 et seq. |
| Wyoming | Wyo. Stat. § 40-12-501 to -502 |
| District of Columbia | D.C. Code § 28- 3851 et seq. |
| Puerto Rico | 10 Laws of Puerto Rico § 4051 et. seq. |
| Virgin Islands | V.I. Code § 2208 |
What should you do if you receive a data breach notification letter?
- Contact all three nationwide credit reporting agencies and request a fraud alert on your file. You should also request a free credit report because you believe you may be a victim of fraud or identity theft.
- Ask for a new credit/debit card number. If the data breach affected you credit card or bank account, then you should request the creditor or bank to provide you with a new account number and card.
- Contact a lawyer to discuss your legal rights.
If you do not live in one of the above states, you may never receive notice of the data breach or data loss incident. The Fair Credit Reporting Act (FCRA) gives consumers the right to two free credit reports per 12 months if you believe you are a victim of fraud or identity theft. This right is in addition to your right for a free annual credit report. In other words, if you believe you are a victim of fraud or identity theft, you can request your credit reports as many as three times per 12 months for free!
Some states, including Colorado, Georgia, Maine, Maryland, Massachusetts, New Jersey and Vermont, by state law, allow consumers to request at least one additional free credit report. In fact, Georgia allows consumers to request at least 2 more free credit reports every year! Puerto Rico residents may also request one free credit report per year.
Check out our YouTube channel to learn more about protecting your identity. Calls us 24/7 at 1-800-263-9091 for a free legal consultation and identity theft information kit.