Emergency Unemployment Compensation Extension Act—Motion to Proceedby Senator Deb Fischer
Posted on 2014-01-08
FISCHER. As we begin a new year, the Senate returns with many
significant challenges before us. One such challenge is the security of
our citizens' private information.
Just before Christmas, news broke out that Target, a popular retail store in Nebraska and all across this Nation, had experienced an enormous data breach involving nearly 40 million debit and credit account numbers. That is nearly 1 in 10 Americans who had their sensitive personal information put in jeopardy.
Between November 27 and December 15, scammers silently stole massive amounts of consumer information from Target. The timing of this breach is significant, not only because it happened during the peak of the holiday shopping season, but also because this data is reportedly being sold on black markets around the world.
On December 20, Target announced: ``The information involved in this incident included customer name, credit or debit card number, and the card's expiration date and CVV.'' It was further determined on December 27 that encrypted PIN information, or encrypted personal identification numbers, associated with that data was also stolen.
[[Page S100]] This wasn't only an attack on Target, which has 14 stores in my home State of Nebraska, it was a crime against millions of hardworking citizens. Let me be clear. It is also much more than just a mere inconvenience for consumers.
Yes, such thefts complicate the daily routines of Americans, but it can also potentially damage their credit ratings, and it is an incredible tax on people's time. It also leaves many feeling vulnerable, including, unfortunately, the most vulnerable among us, the elderly.
As a Member of the Senate Commerce Committee, which has jurisdiction over this issue, I urge the chairman and our ranking member to begin looking into this matter further. Our Nation's entire data security system is in desperate need of revamping, and that is going to require congressional action.
What happened with that Target breach was not an isolated incident.
TJX Companies, which owns national retail chains TJ Maxx and Marshalls, was breached in 2007. Sony and Epsilon were also attacked in 2011.
We learned on New Year's Eve that the popular social communication platform Snapchat was also hacked, a breach of about 4.6 million user names with their corresponding phone numbers. These are only the latest examples, but we all know the problems run much, much deeper.
Identity theft has been the No. 1 consumer complaint at the Federal Trade Commission for the last 13 years in a row. The average financial loss for each instance of identity theft is $4,930, and it has been estimated that identity theft resulted in a $24.7 billion loss for our country in 2012.
Given these realities, we need to dedicate more time and energy to solutions that substantially improve the safety of our online activities. While the Target breach is important and deserves our attention, so too should the security risks posed by healthcare.gov, as well as the Federal and State insurance exchanges set up under ObamaCare.
Experian, a major U.S. credit reporting bureau, recently released its ``2014 Data Breach Industry Forecast,'' which states: ``The healthcare industry, by far, will be the most susceptible to publicly disclosed and widely scrutinized data breaches in 2014.'' As those who found out the hard way can tell us, healthcare.gov takes and holds a lot of sensitive information, including our social security numbers, names, and other information that can be transmitted. It has also been reported that hackers have attempted to break into the Web site at least 16 different times. Several experts say those numbers are very conservative estimates of known attempts.
Health and Human Services contractors also identified security vulnerabilities, which HHS ignored, before the site went public on October 1.
The protections and breach notifications standards for ObamaCare, which people were forced into, don't even meet the minimum standards put in place for the private sector. Every Nebraskan, and every American, has the right to know if their private information has been compromised because of ObamaCare.
Fortunately, data security appears to be an area where Republicans and Democrats can come together and do something positive for the American people.
We must take great care, however, not to make the problem worse. Smart policy results from an open, collaborative process, with input from businesses, consumers, and security experts. That is going to be the answer, not more red tape.
We should seek to streamline our data security laws to provide clarity and consistency. I look forward to working with my colleagues on the commerce committee to address these data breaches and to protect the integrity of Nebraskans' and Americans' personal information.
I yield the floor.
The PRESIDING OFFICER. The Senator from Vermont.