NY Gov. Cuomo eyes expanding cyber regs to credit reporting agencies

NY Gov. Cuomo eyes expanding cyber regs to credit reporting agencies
© Getty Images

New York Gov. Andrew Cuomo (D) announced Monday his intent to expand the state's strict cybersecurity standards for the financial sector to credit reporting bureaus. 

The announcement comes on the heels of the massive Equifax breach, which could affect as many as 143 million Americans. 

"A person's credit history affects virtually every part of their lives and we will not sit idly by while New Yorkers remain unprotected from cyberattacks due to lax security," Cuomo said, announcing the proposed regulatory change.


"Oversight of credit reporting agencies will help ensure that personal information is less vulnerable to cyberattacks and other nefarious acts in this rapidly changing digital world."

New York's cyber regulations for finance include mandatory cybersecurity executives and security testing. It is unclear if abiding by those regulations could have prevented the Equifax breach. 

If the regulations are accepted, the penalty for not following them could mean a ban on doing business with New York companies — potentially devastating for a credit reporting agency based on the confluence of banks and Wall Street firms within the state's borders.

Two executives at Equifax resigned Friday as the company deals with fallout from the massive data breach.