LANSING – Consumers would have to be notified within 45 days if their “sensitive personally identifying information” was stolen in a data breach, under two bills that moved out of the House Financial Services Committee Wednesday morning.

Meanwhile, letters continue to go out from one recent example of a data breach, a ransomware incident that locked up servers and workstations back on Sept. 23 at Wolverine Solutions Group (WSG). A letter an impacted consumer received that notified him of the incident arrived on March 1, 159 days after the incident.

Bill sponsor Rep. Diana Farrington (R-Utica) said she is not happy with the speed of notification in that incident.

“Six months is a little excessive,” she said.

To read the rest of this story, click on