Attorney general wants to change identity theft law

March 30, 2018 07:53 AM

You don't have to look far to find someone who has suffered identity theft. New York state's attorney general said current state law does little to protect you. He wants to change that.

Clay Gronemeyer and his wife Heather were victims of a hacker last spring. Heather was in the hospital after giving birth to a little boy.  She sent her husband on an errand. 


"I asked him to go get me a chicken bowl from Chipotle,” said Heather.

Days later, the couple got a phone call from their bank.

"They gave me a call and let me know that my card had been compromised," said Clay.

Clay was one of thousands of consumers across the country whose credit or debit card was compromised when thieves hacked into point of sale terminals at Chipotle during the spring of 2017.  

"Chipotle was breached all over the place. It just so happens that four were in Rochester," New York Attorney General Eric Schneiderman explained.

The Chipotle breach was just one of 1,583 reported to the attorney general's office last year exposing the personal records of more than 9.2 million New Yorkers. In fact, the number of data breaches reported to the state attorney general's office in 2017 increased 23 percent in one year. The attorney general’s office prepared a report that also showed thieves most often stole New Yorkers’ social security numbers followed closely by financial information. The most common reason for identity theft was hacking.

Hackers operating anywhere in the world can steal your personal information. That's what makes a data breach so potentially damaging. But Schneiderman says right now New York has few weapons in the war against identity thieves. 

"We have no requirement now that companies provide reasonable safeguards," said Schneiderman. "Other states do. We don't. So the SHIELD law would impose that."

The SHIELD Act stands for Stop Hacks and Improve Electronic Data Security Act. It would require companies to safeguard sensitive data, and it would expand the types of data breaches that businesses have to report.

"So if a company will comply with that, they would get a safe harbor from any litigation from our office,” said Schneiderman.

But if a company does not, it could face stiff fines. Schneiderman is traveling the state, pushing for passage of the act that he believes will protect you - the consumer. Now it's in the hands of New York state legislators.

The attorney general stresses that thieves are busy, and consumers must work hard to protect our data. With the help of the Consumer Credit Counseling Service of Rochester, here's Deanna's Do List.   

  • Create strong passwords, and change them often.
  • Only make purchases on websites that begin with https. Some may also have a padlock sign. 
  • Never give personal information over the phone unless you contacted them.
  • Protect you social security number. If a business asks for it, ask them why they need it.  Often a social security number isn’t actually required.


Deanna Dewberry

Copyright 2018 - WHEC-TV, LLC A Hubbard Broadcasting Company

Relay Media Amp

We no longer have Facebook comments on this site. Please visit our Facebook Page to join the conversation.