BreachExchange mailing list archives

Re: complete/official list of security breach disclosures

From: "Nick Lewis" <lewisnic () acm org>
Date: Wed, 1 Feb 2006 20:55:48 -0500

: The SB-1386 law in California requires companies to contact customers
: affected by breaches. I checked with the California Attorney General's
: Office and there are no government records being kept there since
: companies are not required to contact any government entity. The papers
: report the high profile breaches -- basing any analysis on the media
: coverage would be skewed.
:
: Are there any states require public reporting of breaches?

There are, but I don't have the list handy. That is something that would
compliment the dataloss page actually, links to the states and respective
laws. Shortly after California adopted that law, several others followed
suit and passed their own.


I suspect the page you're thinking of is:

http://www.crowell.com/pdf/SecurityBreachTable.pdf

I found this link from the http://www.cccure.org/ website.

Nick 


_______________________________________________
Dataloss mailing list
Dataloss () attrition org
https://attrition.org/mailman/listinfo/dataloss

Current thread:

Colorado Tech University, 12/16/05 lyger (Feb 01)
- complete/official list of security breach disclosures Bill Yurcik (Feb 01)
  - Re: complete/official list of security breach disclosures security curmudgeon (Feb 01)
    - Re: complete/official list of security breach disclosures Nick Lewis (Feb 01)
    - Re: complete/official list of security breach disclosures Saundra Kae Rubel (Feb 01)
    - Re: complete/official list of security breach disclosures lyger (Feb 01)
  - Message not available
    - Re: complete/official list of security breach disclosures David Kovarik (Feb 01)
  - Re: complete/official list of security breach disclosures Adam Shostack (Feb 01)
  - Message not available
    - Re: complete/official list of security breach disclosures blitz (Feb 01)