When hackers made their way past hardware giant Home Depot’s security system last month, gaining access to credit card information for up to 60 million customers, it was considered the mother of all data breaches. But it’s only the latest in a growing series of hacking scandals. Between 2005 and 2014, there have been 4,695 breaches exposing 633 million records, according to the nonprofit Identity Theft Resource Center. The average cost of a breach to an organization is estimated at $3.5 million.
With no national data breach disclosure law on the books, retailers such as Home Depot, Target and Neiman Marcus (which were both victims of massive breaches last year) are forced to adhere to a patchwork of 47 state laws. Those laws vary in terms of who must comply, what defines personal information, what constitutes a breach and who must be notified. It’s led to a growing chorus of critics who say it’s time for a national standard.