Senators call on FTC to investigate Target breach
The FTC should have more authority to sanction victoms of data breaches, Senator Richard Blumenthal says
IDG News Service - A U.S. senator has called on the Federal Trade Commission to investigate Target's security practices after the large retailer reported a data breach affecting 40 million customer credit and debit cards.
Sen. Richard Blumenthal (D-Conn.) urged the agency to begin an immediate investigation. "If Target failed to adequately and appropriately protect its customers' data, then the breach we saw this week was not just a breach of security; it was a breach of trust," Blumenthal wrote in a Sunday letter to the FTC.
The breach could expose Target customers to "significant and potentially permanent harm," Blumenthal wrote."Those Target customers who have their data misused by hackers or thieves could lose their good credit and in turn their ability to purchase the goods and services they need for their well being and the well being of their families," he added. Even customers whose stolen data will never ultimately be misused must live with the fear and uncertainty of knowing that it could be."
Blumenthal said he will push to give the agency more authority to penalize companies that have large data breaches. The FTC doesn't have the authority to impose fines for data breaches.
In addition, Sen. Chuck Schumer (D-N.Y.) called on the U.S. Consumer Financial Protection Bureau to investigate the breach.
Target said last week credit and debit card information, including the name of the customer, the credit or debit card number, the card's expiration date and the three-digit security code, was stolen at its stores between Nov. 27 and Dec. 15.
Target CEO Gregg Steinhafel, in an email to customers Saturday, said they will not be responsible for fraudulent charges. Victims will get free credit monitoring from Target, he wrote.
The breach "was a crime against Target, our team members and most importantly you -- our valued guest," he added.
The FTC doesn't comment on active investigations, but the agency has investigated similar data breaches in the past.
In a March 2008 settlement with TJX, which owns T.J. Maxx, Marshalls and other retailers, the agency required the company to establish a comprehensive information security program and submit to biennial data security audits over the next 20 years. The company's 2005 breach, which it reported in 2007, affected more than 45 million customer credit and debit cards.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is email@example.com.
- Why Projects Fail CIOs are expected to deliver more projects that transform business, and do so on time, on budget and with limited resources.
- The New Business Case for Video Conferencing: 7 Real-World Benefits Beyond Cost-Savings This whitepaper provides insight into the value of video conferencing in today's business environment, and how organizations are using visual collaboration to find...
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Cybercrime and Hacking White Papers | Webcasts