Attorney General Eric Holder has called on Congress to require retailers to immediately report data breaches to customers and law enforcement.
Holder's push comes in the wake of a massive data breach suffered by Target during the holiday shopping season late last year. The retailer and investigators estimated that approximately 40 million people had their debit and credit card information stolen, while as many as 70 million people had their personal information accessed.
As we’ve seen – especially in recent years – these crimes are becoming all too common," Holder said in a video message posted on the Justice Department's website Monday. "And they have the potential to impact millions of Americans every year.
Target was criticized for not informing customers of the issue sooner. The retailer disclosed the breach on December 23, but the data was accessed and stolen between November 27 and December 15.
This [standard] would empower the American people to protect themselves if they are at risk of identity theft," Holder said. "It would enable law enforcement to better investigate these crimes – and hold compromised entities accountable when they fail to keep sensitive information safe."
Shortly after the Target breach was reported, upscale retailer Neiman Marcus confirmed that it had been hit by similar data breaches dating back to July of last year, but had waited until this past January to notify customers.
Executives from both stores were called before the Senate Judiciary Committee earlier this month to give testimony on their response to the data breaches.