(WASHINGTON) — The nation’s top cop says retailers like Target, which waited several days before telling customers about its massive data breach last year, need to “quickly” notify customers when their databases have been hacked, and he’s calling on Congress to make them do it.
Attorney General Eric Holder says he wants Congress to establish a national standard for reporting cyber-attacks. His plea comes as Target and Neiman Marcus still deal with the fallout created when their data systems were recently compromised.
In the weeks before Christmas last year, Target suffered a massive data breach that compromised the personal data of as many as 70 million people. Another 40 million had their credit and debit card information compromised. But Target didn’t notify the public about the breach until four days after learning about it on Dec. 15, 2013.
Cyber security has been a main platform for Holder and his Department of Justice over the past few months, with Holder noting that the department has been taking further steps to bring cyber criminals to justice.
“As we’ve seen – especially in recent years – these crimes are becoming all too common,” Holder said in a video released Monday. “And they have the potential to impact millions of Americans every year…. [A]lthough Justice Department officials are working closely with the FBI and prosecutors across the country to bring cyber criminals to justice, it’s time for leaders in Washington to provide the tools we need to do even more.”
According to Holder, a national standard would help law enforcement investigate these cyber-crimes and strengthen his department’s ability to ensure individuals’ privacy. Retailers whose databases have been compromised will also be held accountable if they fail to keep their customers’ sensitive information secure, Holder said.
After the holiday-season attack on Target, the nation’s second-largest discount retailer announced a $5 million investment in a new cyber-security coalition. The company also said it will accelerate implementation of its chip-enabled smart card technology, which will help protect consumers from fraud.
Target did not immediately respond to calls for comment by ABC News Monday.
Neiman Marcus announced last month that its data systems had been hacked, expressing concerns early on that that as many as 1.1 million customers had been affected. However, an internal investigation by the luxury department store concluded that far fewer accounts were impacted, with the most recent estimate saying fewer than 350,000 customers’ data may have been compromised.
Copyright 2014 ABC News Radio
Matt Egan, CNN
Jeff Peterson, Deseret News
David Goldman, CNN