Consumers need to be aware when data breaches occur, so a nationwide breach notification law is necessary, according to Rep. Jim Langevin, D-R.I.
"There is much still to learn about the Equifax breach and its ramifications. What is abundantly clear, however, is that consumers are still not sure whether they were affected and what information was stolen," Langevin said in a press release reintroducing the Personal Data Notification and Protection Act.
The bill was considered a priority for former president Barack Obama's administration when it was introduced in 2015, according to The Hill.
Hackers breached Equifax, the consumer creating rating firm, from mid-May through July, but the company did not report the breach for two months. Costs of the breach are unknown, as 143 million customers may have been affected.
"Equifax has done a terrible job communicating about the breach to date, and this legislation will ensure that any future such breach has a single standard and one federal regulator to help get actionable information to consumers quickly," Langevin said in the press release.
Every state except Alabama and South Dakota has individual rules about data breaches. The congressman's bill would place the same standards on every state, requiring a 30-day notice for every company and a requirement for companies to coordinate with the Federal Trade Commission, according to The Hill.
"Americans put a lot of trust in companies by giving them personal and private information, and they should have confidence that their data is secure," Langevin said in the press release.
The U.S. Justice Department has opened a criminal investigation into whether Equifax officials violated insider-trading laws by selling stock before the announcement that the company had been breached.
© 2025 Newsmax. All rights reserved.