Earlier this month, New Jersey Governor Phil Murphy signed into law a bill that requires businesses to notify residents when their online account information has been compromised.
The bill takes effect September 1, 2019, and will require businesses to notify New Jersey residents of a cybersecurity breach affecting a resident’s “user name, email address, or any other account holder identifying information, in combination with any password or security question and answer that would permit access to an online account.”
According the amendment, businesses may use electronic or other form of notification that directs the affected resident to promptly change any password and security question or answer, as applicable, or to take other appropriate steps to protect their online account. Furthermore, notification cannot be sent to an individual’s breached email account, and must instead be sent by another method.
New Jersey has now become at least the 10th state to update its data breach notification law to specifically address online breaches.
This latest cybersecurity law should serve to remind all businesses of the importance of protecting your clients’ personal information. The time and costs associated with breach mitigation and notification can be staggering and will negatively impact your firm’s finances and reputation. Cybersecurity is a wise investment and must be considered in every aspect of network and mobile technology that the organization uses.
ACE IT Solutions can tailor a cybersecurity program matched to your specific risk profile. By partnering with ACE IT Solutions, organizations can thwart hackers attempts and respond quickly to minimize the costs of a breach. Contact us at 646.558.5575 for a cybersecurity consultation to ensure your firm is in compliance with cybersecurity laws.