A bipartisan group of senators Thursday introduced a bill intended to protect small businesses from cyberattacks after hacks crippled some of the country’s largest companies.
Sens. Chris Coons (D-Del.), John Kennedy (R-La.), Marco Rubio (R-Fla.) and Raphael Warnock (D-Ga.) reintroduced the Small Business Credit Protection Act, which would mandate credit bureaus inform small businesses of a nonpublic personal data breach within 30 days. It would also bar credit bureaus from charging such businesses for a credit report within 180 days of a breach.
“Entrepreneurs need to build and maintain healthy credit as they grow their businesses,” Coons said. “That’s why it is so vital that government help protect the private credit information of small business owners, just as they do for consumers.
“We’ve taken important steps to protect consumers, but small businesses’ credit data have also been compromised, and they deserve protection,” added Kennedy. “Consumers and mom-and-pop businesses are counting on us to safeguard their data privacy when new threats arise every day.”
Rubio first introduced the legislation in November 2018, but the bill takes on heightened importance now after a series of prominent cybercrimes. Rep. Gregory Steube (R-Fla.) will introduce companion legislation in the House.
“The federal government must uphold the trust that Americans need to fully participate in our economy,” Rubio said. “My legislation, the Small Business Credit Protection Act, would ensure that small businesses receive protections in cases of a security breach. I urge my colleagues to join me in passing this bipartisan bill so that we can continue to protect America’s small businesses – the cornerstone of our economy.”
The legislation comes as Congress looks to beef up cyber protections for the federal government and the private sector after a slew of crippling hacks.
Colonial Pipeline, the company that supplies 45 percent of the East Coast’s fuel, temporarily shut down its operations last month after a ransomware attack targeted some of its data. JBS USA, the nation’s largest beef supplier, was later hit by a similar ransomware attack.
Both hacks are believed to have been perpetrated by Russian-based criminal groups.
The Justice Department said this month that, in response to those and other intrusions, it plans on elevating investigations into ransomware attacks to the same priority as probes into terrorist strikes.