Non-banking financial organizations with at least 500 customers, including mortgage brokers, payday lenders, and motor vehicle dealers, have been required by the Federal Trade Commission to report data breaches and other cybersecurity incidents within a 30-day period as part of an amendment to the Safeguards Rule, which will be effective beginning April, according to The Record, a news site by cybersecurity firm Recorded Future.
Article Link: Data breach reporting mandate for non-bank financial entities approved | SC Media