Cuomo calls for tougher regulations for credit reporting agencies

This July 21, 2012, photo shows Equifax Inc., offices in Atlanta. Credit monitoring company Equifax says a breach exposed social security numbers and other data from about 143 million Americans. The Atlanta-based company said Thursday, Sept. 7, 2017, that “criminals” exploited a U.S. website application to access files between mid-May and July of this year. (AP Photo/Mike Stewart)

ALBANY, N.Y. (NEWS10) – Gov. Andrew Cuomo announced new steps New York State is proposing to protect New Yorkers from a future data breach like the one at Equifax.

Around 143 million consumers nationwide were victims of the Equifax cyber attack that exposed personal private data. Cuomo announced on Monday he is proposing tougher state regulations for credit reporting agencies.

For the first time, agencies would have to register with the state and comply with the state’s cyber security standards.

“Being a small business person, being a former mayor, I’m not always a big fan of regulations,” Assemblyman John McDonald said. “But in this situation, what impacts lives, families and households, it makes perfect sense.”

The Department of Financial Services would not have the ability to deny a consumer credit reporting agency’s authorization to do business with the state’s regulated financial institutions and consumers if the agency is not complaint with state standards.

With the announcement, credit reporting agencies will be added to the list of those having to comply with cyber security regulations. The regulations were approved earlier in the year and cover banks, insurance companies and financial institutions.

It requires that any state regulated institution such as banks and insurance companies must have a cyber security program designed to protect consumers’ private data, a chief information officer and other controls to ensure the security of New York’s financial services industry.

“It really calls out for the fact that these entities if they’re going to do business in New York State, if they’re going to get the credit reports of individuals in New York State, they need to follow our rules,” McDonald said.

In a statement, Cuomo said:

Oversight of credit reporting agencies will help ensure that personal information is less vulnerable to cyber attacks and other nefarious acts in this rapidly changing digital world.

The proposed regulation must first undergo a public comment period before it is adopted, but afterwards, all consumer credit reporting agencies that operate in New York must register annually with the Department of Financial Services by February 1, 2018.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s