U.S. Sen. Mark R. Warner (D-VA), Vice Chairman of the Senate Intelligence Committee, a member of the Senate Banking Committee and a co-founder of the bipartisan Senate Cybersecurity Caucus, released a statement today on the Securities and Exchange Commission disclosure last night that its corporate filing system was hacked in 2016 and information was potentially used for illegal stock trades.
When SEC Commissioner Clayton appears before the Senate Banking Committee on Tues., Sept. 26, Sen. Warner intends to question him about the effectiveness of current SEC thresholds for requiring companies to disclose a cybersecurity breach. For example, last fall it was reported that Yahoo took more than two months to disclose to the public and its shareholders after learning that 500 million user accounts were hacked in 2014. In fact, despite the flurry of high-profile data breaches reported in recent years, published reports have indicated fewer than 100 of approximately 9,000 publicly listed companies have reported a material data breach to the SEC since 2010.
In addition, Sen. Warner has been working to finalize bipartisan legislation to create a comprehensive, nationwide and uniform data breach standard, requiring timelier consumer notification for breaches of financial data and other sensitive information, and setting national data-protection standards for companies handling sensitive personal information.
In 2014, Sen. Warner chaired the first congressional hearing in the aftermath of the Target breach that exposed the debit and credit card information of 40 million customers. Sen. Warner also partnered with the National Retail Federation toestablish an information-sharing platform that allows the industry to better protect consumer financial information from data breaches.