Phone Number
email address

Blog details

State Laws Protect Victims of Identity Theft—What You Should Do After a Big Data Breach

State Laws Protect Victims of Identity Theft—What You Should Do After a Big Data Breach

You may have seen news reports this year about large-scale customer data breaches at companies like Home Depot, Target, eBay, and P.F. Chang’s.  Many times the affected company waits to announce the data breach to the public, fearing bad press and future customer distrust.  What many people don’t know is that the law in most states, including North Carolina, protects consumers against companies that fail to adequately protect their personal data. 

According to a report released this month by research company Navigant, it takes corporations an average of 56 days to announce a data breach after discovering it.  The information stolen by hackers often includes bank information, customer names, and customer addresses, and within weeks the victims see large unknown charges on their credit cards.  This lengthy amount of time gives criminals ample opportunity to either use the customer information for illegal purchases, or sell the information on the black market.  There were over 320 major breaches in the last year affecting well over 6 billion personal records, and the sluggish response time exacerbates the pain felt by consumers.

Recently, Kentucky became the 47th state to pass a data breach notification law, and Florida recently updated its existing rules to shore up consumer protection.  And with widespread publication of data breaches, Congress, the Federal Trade Commission, and State Attorney Generals are starting to take notice. 

North Carolina in particular passed legislation back in 2005 that requires organizations that own customer data to report breaches to affected consumers and to the North Carolina Attorney General’s Office “without unreasonable delay.”  If a company simply stores customer data and does not own it, the business must inform customers immediately of a data breach.

North Carolina law even outlines the exact type of notice the company must send to consumers.  The notification must include a description of the data stolen, a description of the incident, what steps the business is taking to protect against further hacker intrusions, and even toll-free numbers for major credit reporting agencies.

If a North Carolina business fails to uphold their obligations under the state’s data protection law and a consumer suffers from a financial loss, that consumer has the right to file suit against the business to recoup their losses.  

Prev post
Top Three Consumer Scams to Watch Out for
January 31, 2019
Next post
Claims of Lien and Their Protection of Contractors
January 31, 2019
About Us

For more than 37 years, Weaver, Bennett & Bland, P.A. has helped individuals and businesses achieve success in their legal challenges, and we’re recognized as one of the most established and trusted law firms in the Charlotte, North Carolina area.  We’ve represented almost 22,000 clients over the last three decades with integrity and professionalism.

Contact Us
196 North Trade Street Matthews, NC 28105
Mon – Thur: 8:30am – 5:30pm
Fri: 8:30am – 5:00pm
Select the fields to be shown. Others will be hidden. Drag and drop to rearrange the order.
  • Image
  • SKU
  • Rating
  • Price
  • Stock
  • Availability
  • Add to cart
  • Description
  • Content
  • Weight
  • Dimensions
  • Additional information
  • Attributes
  • Custom attributes
  • Custom fields
Click outside to hide the comparison bar

Our Firm is Here to Help.
Contact us today!

Fill out the form to receive a case evaluation and a call back regarding your legal needs.