It's not just customers that need to know about data breaches — it's investors too.
The Securities and Exchange Commission has asked public companies
State laws already require companies to disclose breaches to customers that might be affected. For example, a company that exposes credit card numbers must tell the cardholders so that they are aware of the potential for fraud on those accounts.
The
These instructions go beyond breaches of financial data. A breach of intellectual property could also require a disclosure, for example.