ALBANY, N.Y. — According to the Albany Business Review, with nearly 1,600 data breaches that occurred in New York alone last year that exposed information of 9.2 million of the state’s residents, almost four times as many New Yorkers were affected by breaches than the year before.
As such, Attorney General Eric Schneiderman is pushing legislation to add cybersecurity regulations on businesses, the article continued.
The Stop Hacks and Improve Electronic Data Security Act (SHIELD) would mandate that companies adopt “reasonable” safeguards for personal data use, the article noted, and it would expand the types of data that trigger reporting requirements to include usernames and passwords, biometric information and health data.
“New York’s current data security law is outdated and toothless,” Schneiderman said. “Every business that chooses to store sensitive information has a moral responsibility to maintain reasonable safeguards for that data, and if we pass this legislation, they would have a legal responsibility as well.”
The proposed regulations vary per business size and the type of data stored, the article noted.
“A mom-and-pop hardware store would be expected to comply with very different standards than a big, multimillion dollar firm,” Schneiderman said.
Tom Hoffman Jr., CEO of Hoffman Car Wash, which has an unlimited wash service, said that the company guards that information through a third-party company called OpenEdge, the article noted.
According to Hoffman, when a customer signs up for the program, the credit card information is encrypted and sent to OpenEdge, which sends a token back to the carwash to use in lieu of the actual credit card information, the article added. Furthermore, this token can only be used at Hoffman and nowhere else.
“Unfortunately I don’t think our customers really understand how good our security is so I’m sure there’s a segment of our customers who don’t participate in the least expensive way to wash your car, our unlimited program, because of security,” Hoffman said.
AJ Davidson, director of IT for the company, said that Hoffman Car Wash even hires outside companies to try to hack into the carwash’s systems as a test, the article stated.
Moreover, Davidson noted that he sees hits on the company’s routers daily of people trying to hack the systems, the article continued.
“We see people just scanning and trying to poke and prod us for any vulnerability,” Davidson stated. “They’re basically checking the door to see if it’s locked or unlocked.”
“It happens to every device on the internet,” Hoffman added. “It’s not like they’re just picking on Hoffman Car Wash or Joe’s Pizza or anything.”
Find the original article here.