Target’s had a big red target leveled at its data systems recently; the intrusion and theft of over 100 million consumer credit & debit card information is almost the largest in history.
It’s website features a notice to consumers; but strangely, 2 seconds after the home page loads, an ad overlay obscures the warning text and link.
Purposeful or by accident, it’s a big oops on top of the disaster.
See the site 1 second after load:
And 2 seconds later:
Intentional or by accident?
Does the law require companies to disclose breaches?
As an aside, most States do not require the companies disclose successful network breaches to their customers. A law firm has published a useful chart to track State-by-State requirements.
Perkins Coie’s Privacy & Security practice maintains a comprehensive chart that summarizes state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in understanding each state’s sometimes unique security breach notification requirements. Lawyers, compliance professionals, and business owners have told us that the chart has been helpful when preparing for and responding to data breaches.
Maine has such a disclosure law on its book.