Gov. Josh Shapiro on Friday signed the legislation that also requires notification to the state attorney general when more than 500 state residents are impacted by a breach, down from 1,000 which had been the threshold. The law takes effect in 90 days.
It covers breaches when an individual’s first and last name or first initial and last name have been accessed in combination with any of the following: Social Security number, bank account number, driver’s license or state ID number.
“An unfortunate consequence of modern technology is the increased risk of cybercrimes,” said Sen. Tracy Pennycuick R-Montgomery County, who sponsored the bill along Sen. Jimmy Dillon, D-Philadelphia. “Such threats pose serious risks to citizens including identity theft and loss of hard-earned money.”
Dillon said, “Senate Bill 824 is all about giving Pennsylvanians the tools they need to protect themselves when their personal information is compromised. By offering free credit reports and monitoring, we’re helping people keep an eye on their financial health and regain their peace of mind.”
There were 3,205 data compromises in the United States in 2023, an increase of 78% compared to the 1,801 breaches in 2022, according to the Identity Theft Resource Center. That set a new record for the number of data compromises tracked in a year, up 72 percentage points from the previous all-time high in 2021 when there were 1,860.
© 2024 Advance Local Media LLC. Distributed by Tribune Content Agency, LLC.
