Kentucky lawmaker pushes for tighter rules after Target data bre - wave3.com-Louisville News, Weather & Sports

Kentucky lawmaker pushes for tighter rules after Target data breach

Posted: Updated:

LOUISVILLE, KY (WAVE) - More shock waves hit Target customers after it was revealed an additional 70 million people may have had personal information stolen due to a data breach. Now, one local lawmaker said it's time to take some action to put some rules in place to protect shoppers if a similar data breach happens at a company based here in Kentucky.

State Representative Steve Riggs, from Louisville, said Kentucky is one of only four states that has no information security breach notification law. What that means is that there's no policies, or guidelines laying out when, or if a company here has to notify customers if their system is hacked.

Federal regulations required Target to disclose 40 million shoppers had their credit and debit card information stolen by hackers in the weeks following Thanksgiving. Then Friday, the company was forced to come forward again after it found out another 70 million customers had name, address, phone number and email addresses hacked in that same breach. That information can be used by criminals to hit you with phishing scams to try and steal your money.

Riggs said the ongoing problems at Target convinced him to push for laws here in Kentucky that make clear which data breaches need to be reported and how soon customers should be notified.

"Corporations tell me they want some rules here, they want some protocol," Riggs said. "They want to do what we think is the best thing to do. So they don't like a black slate either."

Riggs is reaching out to the business community and credit card companies to try and come up reasonable requirements. He plans to file his bill in early January.

To friend the WAVE 3 Troubleshooter on Facebook click here. To follow on Twitter click here.

Copyright 2014 WAVE 3 News. All rights reserved.