State of California Data Breach (2002)

On April 5, 2002, an unidentified hacker penetrated a California server housing the state governments payroll database, gaining access to names, Social Security numbers and salary information for 265,000 state workers from the governor on down. The breach itself was small potatoes, but when it emerged that the California Controllers Office had waited two weeks to warn the victims, angry lawmakers reacted by passing the nations first breach disclosure law, SB1386. The law requires hacked organizations to promptly warn potential identity theft victims. Its passage pulled the rock off the string of major corporate breaches that companies would have preferred to hush up. Today, 45 states have enacted similar laws.