SPONSORED:

Lawmakers target banks for hacking details

Major financial institutions got requests Tuesday from two lawmakers for information on their data breaches and cyber attacks.

Sen. Elizabeth WarrenElizabeth WarrenWarren says she'll run for reelection to Senate Free Speech Inc.: The Democratic Party finds a new but shaky faith in corporate free speech Debate over ICBMs: Will 'defund our defenses' be next? MORE (D-Mass.) and Rep. Elijah CummingsElijah Eugene CummingsOvernight Health Care: AstraZeneca may have included outdated data on vaccine trial, officials say | Pelosi says drug pricing measure under discussion for infrastructure package | Biden administration extends special ObamaCare enrollment until August Pelosi: Drug pricing measure under discussion for infrastructure package Bottom line MORE (D-Md.) sent letters to 16 banks and investment firms, “to inquire whether your company was the subject of a cyber-attack over the past year.”

ADVERTISEMENT

Bank of America, Citigroup, Goldman Sachs and Morgan Stanley were among the policymakers' targets.

The goal, they said, is to gather information to inform possible new federal cybersecurity legislation.

“The increasing number of cyber-attacks and data breaches is unprecedented and poses a clear and present danger to our nation’s economic security.”

A massive breach at JPMorgan, which compromised the information of 76 million households, has focused lawmakers’ attention on the financial sector.

That attack “highlights the need for greater collaboration to improve data security,” Cummings and Warren wrote.

The two lawmakers have been assertive advocates of boosting federal data breach laws as cyber attacks proliferate.

Warren, a Banking Committee member who rode into Congress on the back of her Wall Street criticism, has called for Congress to give the Federal Trade Commission more authority to regulate data breaches.

And Cummings, ranking member of the Oversight and Government Reform Committee, has sent six letters over the last week to various companies and federal agencies requesting more information on recent hacks.

The two lawmakers are asking each company to describe every data breach they may have experienced over the last year and the total number of customers affected.

With 47 different state-level breach notification laws, the standards are murky about when and how companies are required to notify individuals and government officials following a hack.

Cummings and Warren also requested the amount of fraudulent transactions that occurred as the result of any cyber attacks.

Some opponents of strict legislation argue there is minimal evidence consumers are actually financially harmed when their information is exposed, as banks and credit card companies reimburse all illicit purchases.

“Your company’s knowledge, information, and experience will be helpful as Congress examines federal cybersecurity laws and any necessary improvements to protect sensitive consumer and government information,” wrote the two policymakers.