Data breaches don’t just sting consumers and companies whose critical data has been pilfered — it also hurts the banks responsible for picking up the financial pieces.
eSecurity Planet takes a look at one of the newest efforts to help banks get back some of their losses when perpetrators of cybercrime are able to take advantage of lax security measures undertaken by other parties in the retail chain. In this case, a new Washington state law aims to crack down on companies that aren’t meeting Payment Card Industry (PCI) standards, and lets banks go after them to recover the costs and damages of having to contend with a breach.
Washington last week became the third state to pass legislation that will allow banks to recover certain costs and damages from retailers and credit card processors that suffer data breaches after failing to comply with current Payment Card Industry (PCI) standards.
The law, which goes into effect on July 1 in Washington, follows similar laws passed in the states of Minnesota and Nevada and marks a fundamental change in the way government and private sector industries assign responsibility and accountability for preventing identity theft.