Heartland reveals in their annual report that the data breach last year is currently under investigation by SEC, FTC, DOJ, Federal Financial Institutions Examination Council, and the Office of the Comptroller of the Currency. This is in addition to attorneys general of several states, and Canadian authorities.

This breach is going to be a costly affair for the company if the attrition numbers are continuing to grow. Even more costly will be the loss of sponsorship from their primary sponsor bank. Visa booted Heartland off of its list of processors compliant with the Payment Card Industry data-security standards, or PCI last week.

California State Sen. Joe Simitian introduced new legislation to Expand Data Breach Notification Law

According to the magazine, Wired - March 06, 2009, California State Sen. Joe Simitian has introduced legislation that would require companies to provide more information in their data breach notification letters to consumers and to send notices to state authorities.

According to a study released by the Ponemon institute, 6 out of 10 US employees stole company data when they left their company according to this article in BBC NEWS: http://news.bbc.co.uk/2/hi/technology/7902989.stm

This is really a wake up call, to introduce digital rights management into the corporations to protect customer data, intellectual property and business secrets. Coupling Identity Management practices with DRM will ensure that sensitive information is adequatly protected even when walking out the door when the employee leaves.