On October 23, the New Jersey Assembly Consumer Affairs Committee approved an amendment to the state's breach notification law that would require businesses to inform consumers if their user names, email addresses, or security questions and answers for online accounts become compromised in a data breach. The current law requires notification for breaches involving Social Security numbers, driver's license numbers, or credit and debit card numbers in combination with access codes or passwords. If passed by the full legislature, the bill would take effect 90 days after the date of enactment.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.