More than four months after the disclosure of the Equifax data breach, state legislatures around the country are starting to respond. In December, New York was one of the first to put safeguards in place to strengthen consumer protections in the wake of the massive data leak at the credit-reporting bureau.

That came 90 days after the company disclosed that as many as 145.5 million people had been exposed to identity theft. Equifax said such sensitive information such as people’s names, addresses and Social Security numbers were included in the haul.

Months later, state legislatures are finally responding to the Equifax disaster

Now lawmakers around the United States are back in session and looking to respond to the failings of the Atlanta-based agency as well as other firms that have shown themselves to be reckless when it comes to Americans’ personal data.

One of the most prominent pieces of legislation that has emerged is in Washington state, with the introduction of Senate Bill 6018, which would end fees associated with credit freezes and thaws. The bill has passed Washington’s Senate Financial Institutions & Insurance Committee and is moving through the lawmaking body.

The sponsor of the Washington state bill, Sen. Mark Mullet, said consumers shouldn’t have to fork over money to be protected by breaches they had nothing to do with.

“Consumers whose sensitive financial data has been exposed through no fault of their own shouldn’t have to pay to protect their credit ratings,” Mullet said in a written statement. “I’m pleased that we’re taking real steps to help people protect themselves and their personal information by removing undue financial penalties.”

In the Colorado General Assembly, three bills have surfaced that are aimed at Equifax and cybersecurity protections. The legislation with the most teeth, House Bill 1128, would give the attorney general’s office almost unbridled control of any cybersecurity investigation.

The bill is sponsored in part by Assistant House Minority Leader Cole Wist, whose personal information was hacked in the Blue Cross Blue Shield breach disclosed in August 2016. “As a consumer, it was frightening, it was frustrating and it was daunting,” Wist told the Denver Post.

In Congress, Massachusetts Sen. Elizabeth Warren and Sen. Mark Warner of Virginia recently introduced the Data Breach Prevention and Compensation Act, which would impose monetary penalties on credit agencies and require that half the money be distributed to consumers.

“The financial incentives here are all out of whack — Equifax allowed personal data on more than half the adults in the country to get stolen, and its legal liability is so limited that it may end up making money off the breach,” Warren said about the legislation. “Our bill imposes massive and mandatory penalties for data breaches at companies like Equifax – and provides robust compensation for affected consumers — which will put money back into peoples’ pockets and help stop these kinds of breaches from happening again.”

The bill would also establish an Office of Cybersecurity that would be run by the Federal Trade Commission.

How to lobby your state to address the Equifax data breach and cybersecurity

While some states are moving to better protect consumers post-Equifax, not all of them are crafting bills just yet. You may be wondering what lawmakers are doing in your particular state in response to the Equifax data breach. If you’d like to reach out to the state legislators who represent you, click here to input your address and find out how to contact them directly!

More resources:

• Equifax data breach: What to know & how to protect yourself from what’s coming next
• How to sign up for Credit Karma’s free monitoring service
• Credit Freeze Guide: The #1 best way to protect yourself from identity theft

To learn more, see all of our Equifax coverage here.

[anvplayer video=”4190196″ station=”998267″]