Senators Murphy & Croci Announce Public Hearing on Cyber Security

Albany, NY - Imagine you are about to retire. Then one day you wake up and all your personal information, your social security number, birth date, addresses, even your driver's license number, have been stolen. The hackers who have that information now have control of your life.
 
That nightmare became a reality on September 7, 2017, when Equifax, one of the nation's three major credit-reporting agencies, announced that hackers had breached their security systems. The personal information of 145.5 million Americans was exposed, including credit card numbers for 209,000 people. It was the equivalent of giving criminals carte blanche to make purchases in consumers' names, open credit cards, take out loans - and even drain their bank accounts.
 
Equifax may have left stunned consumers cutting up their credit cards, but Senators Terrence Murphy and Thomas Croci have responded to the public's cries for action. Senator Murphy, acting in his capacity as Chairman of the New York State Senate Standing Committee on Government Operations and Investigations, and Senator Thomas Croci, who serves as Chairman of the New York State Standing Committee of Veterans, Homeland Security and Military Affairs, will hold a public hearing to examine cyber security in New York State, including methods that can be employed to protect its citizens.
 
The hearing will be held at 12 p.m. on Tuesday, October 24, 2017, at 250 Broadway in Manhattan.  The objective is to provide committee members and the public with an opportunity to listen to consumers' experiences with Equifax and address any areas of concern.
 
"Equifax was supposed to protect the information of consumers. They failed miserably. To add insult to injury, they knew they had been hacked and waited six weeks to announce it," said Senator Murphy. "Now thousands of people's credit card, social security and bank account information is out there for taking. People are going to have to constantly monitor their credit for years to come."
 
Senator Croci, who is also the Chair of the Senate Majority Task Force on Counterterrorism and Public Protection,  said, "The flow of information and the rapid advance of technology seems to be outpacing the ability to protect our personal data held by businesses and government entities. Hacking into the seemingly protected personal lives of Americans has become increasingly frequent and at larger scales than ever before. The impact of such breach practices can be devastating.  Protecting vital information and ensuring that New Yorkers and our businesses are safe is a fundamental of government and our public officials. After breaches like Equifax, Yahoo, Sony and countless others, it is imperative that we examine our cyber security posture and what needs to be done to protect data, identities and lives. This hearing will help ensure New York is on a proactive path."
 
Hearing co-sponsor Senator Elaine Phillips (R-C, Manhasset) said, "Cyber-terrorism continues to be one of the most serious threats to both our national security and personal privacy. With the world shifting into a digital era, nearly everything we do is connected to the internet and our computers: banking, communication, shopping, transportation, and even our medical records. Incidents like the recent Equifax breach only reinforce the vital importance of cyber security and the need for consumers to be better educated and more responsible for protecting their personal information."
 
Oral testimony for the October 24th hearing is by invitation only and will be limited to 10 minutes in duration followed by questions from the committee members. Twenty copies of any prepared testimony should be submitted at the hearing registration desk. Written testimony is welcome and may be mailed or e-mailed to the Chairs.
 
According to Equifax, hackers exploited a security vulnerability in a U.S.-based application to gain access to consumers' personal files. Equifax reportedly learned of the breach on July 29, but did not announce it until Sept. 7.
 
The company estimates that expenses related to the breach will be at least $1 billion. In the wake of the incident, Equifax's chief information officer and chief security officer opted for immediate retirement.
 
Identity theft is one of the top consumer complaints. The Federal Trade Commission reported 399,225 cases of identity theft in the United States in 2016 alone. Of that number, 29% involved the use of personal data to commit tax fraud. More than 32% reported that their data was used to commit credit card fraud, a sharp rise from 16% in 2015. A 2015 report from the Department of Justice found that 86% of the victims of identity theft experienced the fraudulent use of existing account information, such as credit card or bank account information. The same report estimated the cost at $15.4 billion.