Effective October 1, 2018, Connecticut law requires organizations that experience a security breach affecting Connecticut residents’ Social Security numbers to provide 24 months of credit monitoring to affected individuals. Previously, Connecticut law required entities to provide 12 months of credit monitoring for breaches affecting SSNs.
Continue Reading

On March 12, 2013, Connecticut Attorney General George Jepsen announced that a coalition of 38 states had entered into a $7 million settlement with Google Inc. (“Google”) regarding its collection of unsecured Wi-Fi data via the company’s Street View vehicles between 2008 and 2010. The settlement is the culmination of a multi-year investigation by the states that we first reported on in 2010.

Continue Reading

On June 15, 2012, Connecticut Governor Dannel Malloy approved amendments to the state’s breach notification law requiring businesses to notify the state Attorney General in the event of a data security breach. One week later, Senator Pat Toomey (R-PA) introduced the Data Security and Breach Notification Act of 2012 in an effort to create a national breach notification standard.
Continue Reading