Businesses that aren’t banks but serve as lenders, including mortgage brokers and car dealerships, will have to report large data breaches to the Federal Trade Commission “as soon as possible” after discovering them under finalized rules the agency released Friday.
Such companies identify the theft of unencrypyted data linked to more than 500 customers will have a maximum of 30 days to report the breach online, according to new amendments for financial institutions to update the FTC Safeguards Rule, which establishes standards for protecting customer data.
The data breach notices must describe what information was accessed, how long it was ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.