New Hampshire gets it
Via Lyger at Attrition.org, comes word that New Hampshire, one of a handful of U.S. states that require breaches involving personal information to be reported to the state as well as to affected individuals, has made at least some breach notices it has received available on the net.
I haven’t had any time to read the approximately fifty-five notices, or add to my stylish breach Venn diagram, but I will say that the idea of digitizing such materials and making them available online is one I like (and have done with reports from NY) [link to http://www.cwalsh.org/BreachInfo/primary_sources/firmlist.html no longer works].
I do not know when the Granite State started doing this, or what fraction of reports they have made available, but I sure hope they keep up the good work. I counted 55 or so reports covering 11/06 – 6/07.
It’s too bad New Hampshire doesn’t have a form, but I suppose that lines up with the whole “Live Free or Die” thing.
Yeah. I was hoping for a form. I did notice that one report was a modified version of the one NY uses (s/NY/NH/g, N00bz!). I had my hopes up for a minute there…
Interesting tidbit is that one stolen laptop caused reports from 13 companies (if I counted right). Just about half of the incidents were due to lost/stolen HW or media (consistent with what Attrition has)