Uber was hacked in 2016, and not only did they try to cover it up by paying out a hacker, but millions of user accounts were compromised. Only after a new CEO came aboard, did they release the news about the cyber attack (he knew for 2 months before releasing the news); Equifax experienced one of the worst identity theft hacks in history, but didn’t release their breach until months after; Yahoo! was hacked in 2014, but didn’t alert authorities and users until 2016.
The common theme here is what senators have been rallying around in order to get the National Breach Notification Bill passed. If passed, the data breach notification measure would give companies a maximum of 30 days to notify victims and authorities after they discover a data breach. The longer businesses wait, the more vulnerabilities they create for the victims affected. Additionally, as businesses continue to move more and more sensitive data into easily accessible cloud services (SaaS), individuals become more exposed to the risk of a data breach.
SaaS companies tend to offer a quality product for a relatively cheap price, which are highly attractive to businesses looking to stay versatile. If this bill is passed, it will hopefully instill a higher level of accountability by businesses that are compromised by a cyber attack.
Evolve MGA‘s cyber policy, EVO 3.0, covers policyholders in the event their cloud data is hacked, lost, or stolen. Contact us to learn more about buying a policy before an event happens to your business.