{"id":39978,"date":"2021-03-12T15:57:41","date_gmt":"2021-03-12T15:57:41","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/32101\/Legislators-Work-Towards-Breach-Law-Requiring-Notification.html"},"modified":"2021-03-12T15:57:41","modified_gmt":"2021-03-12T15:57:41","slug":"legislators-work-towards-breach-law-requiring-notification","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/","title":{"rendered":"Legislators Work Towards Breach Law Requiring Notification"},"content":{"rendered":"
<\/div>\n
\n

After two major hearings on Solarigate, one domestic policy proposal grabbed the spotlight: requiring organizations to alert the government to major cyber incidents in the interest of national security. Experts say the idea has merit  \u2013 if only legislators can balance the promise with the potential liability and burden placed upon industry. <\/p>\n

The SolarWinds affair, where an actor believed to be Russia used malicious updates in the SolarWinds IT platform and other vectors to hack several government agencies and private firms, came to light when FireEye publicly came forward as a victim. <\/p>\n

But what if they had opted not to do so? There is currently no law that requires FireEye or any company to alert the government publicly or privately. Many believe there should be.<\/p>\n

\u201cThis issue has been looked at before. And I think there\u2019s a lot more momentum now,\u201d said Christian Auty, a partner in Bryan Cave Leighton Paisner\u2019s privacy and security practice.<\/p>\n

Indeed, lawmakers from both chambers and both parties suggest some form of legislation<\/a>. Witnesses from FireEye, Microsoft, CrowdStrike, and SolarWinds all agreed it was a sturdy idea. But several problems are immediately evident \u2013 liability, anonymity, breadth and trust. SC Media spoke to legal, government and security experts to understand the obstacles and potential solutions. <\/p>\n

Progress toward a bill<\/strong><\/p>\n

Rep. Michael McCaul, R-Texas, said in the February House hearing that he and Sen. Jim Langevin, D-R.I., were already working<\/a> on a disclosure bill. <\/p>\n

\u201cMr. Langevin and I are working on mandatory notifications of breaches [or] any cyber intrusions,\u201d he said. \u201cThis can be done by taking sources and methods and company names out to protect them. As you have a duty to shareholders they would just simply send threat information itself\u201d to the Cybersecurity and Infrastructure Security Agency,\u201d he explained.<\/p>\n

Langevin\u2019s office told SC Media there would actually likely be two notification bills, corresponding to two recommendations of the Cybersecurity Solarium report<\/a>. One would focus narrowly on national security-related incidents, providing the kind of specific intelligence CISA could use to head off nation-state campaigns in progress. The other would require general notification of breaches to the Federal Trade Commission for assistance conforming to regulations and privacy laws. <\/p>\n

The former would be the latest iteration of the kind of federal incident notification lawmakers hope would stifle the next SolarWinds scale attack. But it would not be the first. Another bill intended to smooth disclosure of such breaches to the federal government came in 2012, introduced by Susan Collins, R-Maine, and then-Sen. Joe Lieberman, I-Conn<\/a>.<\/p>\n

That effort ultimately failed. But recent events could inspire alternative solutions, Auty said, to encourage organizations to come forward without providing full liability protection. McCaul specifically mentioned anonymous reporting in fact. But organizations might not find those solutions sufficient on their own. <\/p>\n

\u201cThere will still be concerns on the part of the company that no, this is going to get traced back to me,\u201d said Auty. \u201cAnd when it does, I\u2019m going to have contractual and other liabilities. Anonymous reporting is valuable as a partial solution, but functionally anonymous reporting may not be possible in all situations.\u201d<\/p>\n

Identifying a clearinghouse<\/strong><\/p>\n

Lawmakers may run up against industry skepticism of how the government uses data, said Tobias Whitney, vice president for energy at Fortress, a firm that facilitates industry information sharing solutions. This is more likely if legislation requires notification of a law enforcement agency or a regulator, versus CISA or Homeland Security, which may be seen as a more neutral arbitrator. <\/p>\n

Even CISA lacks the level of trust with industries held by sector-specific Information Sharing and Analysis Centers, Whitney said.<\/p>\n

\u201cRight now I\u2019m not sure if industry perceives CISA to have the capacity as a hub.\u201d<\/p>\n

The perception from industry \u2014 and quite likely the reality, per Whitney \u2014 is that sector-specific groups are better situated to understand the context of any data that is being shared. ISACs are also traditionally better at getting usable information back into their members\u2019 hands than the government. Whitney suggests that maybe the best solution would be to mandate reporting not to Washington but to those industry groups who would forward along information as appropriate. <\/p>\n

\u201cMaybe CISA is not necessarily entire wheel. Maybe they\u2019re more of a spoke, providing conductivity across the wheel, ensuring that there\u2019s horizontal communication happening to the other sectors,\u201d he said. <\/p>\n

Using ISACs as the first clearinghouses for information might solve another problem raised at the hearing: Not all organizations are capable of understanding the nuance of whether their specific cyber incident rises to a level of national security calamity. Given the number of cyber incidents each year, someone needs to filter the signal from the noise for this to be a useful tool. ISACs could be that filter. <\/p>\n

The filtering problem is the flip side of another problem raised at the hearing  \u2013 limiting businesses\u2019 regulatory burden. Reporting carries a business cost. If some of the data is worthless, that cost was spent for little reason. <\/p>\n

Brad Smith, President at Microsoft, suggested at the hearing that it would make the most sense to limit reporting requirements to targeted industries and infrastructures. Big tech firms, like his, he said, would be a no-brainer. <\/p>\n

Kevin Mandia, chief executive of FireEye, added at the hearing that a requirement for \u201cfirst responders\u201d to report would also be useful. First responders \u2014 contractors doing incident response or analyzing telemetric data \u2014 have a good understanding of what activity could signify a nation-state. <\/p>\n

Mandia also suggested that everyone may benefit from small and medium-sized businesses being exempt from reporting. Companies without large defensive capability might not know what they are looking at during a breach, and may cause more panic than benefit by coming forward. <\/p>\n

But Kiersten Todt, managing director of the small business cybersecurity advocacy group the Cyber Readiness Institute, pushed back on that argument. <\/p>\n

\u201cNo entity should not be encouraged or asked or regulated, to share information when they\u2019ve been breached,\u201d she told SC Media. With increasingly interconnected supply chains, excluding the most vulnerable targets would introduce blind spots that could reverberate across industries.<\/p>\n

Todt, a veteran of several government homeland security and cybersecurity advisory posts, argued that the risk of causing panic only exists if companies go forward to the press  \u2013 not if companies report anonymously and secretly to the government. <\/p>\n

She suggests investment in the infrastructure to help small businesses assess networks to better identify breaches. That could come in the form of government help or industry groups. <\/p>\n

\u201cYou may say small businesses don\u2019t need that extra burden. I agree that they don\u2019t need an extra burden. But we need to make it an opportunity for them to be a part of the global infrastructure,\u201d she said, adding that proper support would also promote universal buy-in. <\/p>\n

\u201cI don\u2019t think that any company would learn about a nation state and want to hold it close to their chest,\u201d she said. <\/p>\n<\/p><\/div>\n

\n

Topics:<\/h2>\n

Breach<\/a> Legislation<\/a> Regulation<\/a> <\/section>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":39979,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[2224],"class_list":["post-39978","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackergovernmentprivacyusadata-loss"],"yoast_head":"\nLegislators Work Towards Breach Law Requiring Notification 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Legislators Work Towards Breach Law Requiring Notification 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-12T15:57:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/03\/legislators-work-towards-breach-law-requiring-notification.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"768\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/legislators-work-towards-breach-law-requiring-notification\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/legislators-work-towards-breach-law-requiring-notification\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Legislators Work Towards Breach Law Requiring Notification\",\"datePublished\":\"2021-03-12T15:57:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/legislators-work-towards-breach-law-requiring-notification\\\/\"},\"wordCount\":1166,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/legislators-work-towards-breach-law-requiring-notification\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/legislators-work-towards-breach-law-requiring-notification.jpg\",\"keywords\":[\"headline,hacker,government,privacy,usa,data loss\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/legislators-work-towards-breach-law-requiring-notification\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/legislators-work-towards-breach-law-requiring-notification\\\/\",\"name\":\"Legislators Work Towards Breach Law Requiring Notification 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/legislators-work-towards-breach-law-requiring-notification\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/legislators-work-towards-breach-law-requiring-notification\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/legislators-work-towards-breach-law-requiring-notification.jpg\",\"datePublished\":\"2021-03-12T15:57:41+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/legislators-work-towards-breach-law-requiring-notification\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/legislators-work-towards-breach-law-requiring-notification\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/legislators-work-towards-breach-law-requiring-notification\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/legislators-work-towards-breach-law-requiring-notification.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/legislators-work-towards-breach-law-requiring-notification.jpg\",\"width\":1280,\"height\":768},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/legislators-work-towards-breach-law-requiring-notification\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,government,privacy,usa,data loss\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackergovernmentprivacyusadata-loss\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Legislators Work Towards Breach Law Requiring Notification\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Legislators Work Towards Breach Law Requiring Notification 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/","og_locale":"en_US","og_type":"article","og_title":"Legislators Work Towards Breach Law Requiring Notification 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-03-12T15:57:41+00:00","og_image":[{"width":1280,"height":768,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/03\/legislators-work-towards-breach-law-requiring-notification.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Legislators Work Towards Breach Law Requiring Notification","datePublished":"2021-03-12T15:57:41+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/"},"wordCount":1166,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/03\/legislators-work-towards-breach-law-requiring-notification.jpg","keywords":["headline,hacker,government,privacy,usa,data loss"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/","url":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/","name":"Legislators Work Towards Breach Law Requiring Notification 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/03\/legislators-work-towards-breach-law-requiring-notification.jpg","datePublished":"2021-03-12T15:57:41+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/03\/legislators-work-towards-breach-law-requiring-notification.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/03\/legislators-work-towards-breach-law-requiring-notification.jpg","width":1280,"height":768},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/legislators-work-towards-breach-law-requiring-notification\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,government,privacy,usa,data loss","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackergovernmentprivacyusadata-loss\/"},{"@type":"ListItem","position":3,"name":"Legislators Work Towards Breach Law Requiring Notification"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39978","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=39978"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39978\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/39979"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=39978"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=39978"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=39978"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}