LEGISLATURE | When the security of your personal information on the Internet is breached, state law requires the data storage company notify you in a timely manner. However, while the breadth of personal information, such as your name, address, social security number and bank accounts is covered by state law, the potential cracking of usernames and passwords are not.

A bill authored by State Sen. Ellen Corbett closing this crucial entry point in the notification system was signed into law Friday by Gov. Jerry Brown.

“Many consumers now conduct their day-to-day personal business online, including banking and paying bills, which creates more opportunities for sophisticated cybercriminals to access and steal their personal information,” Corbett said Friday afternoon.

This familiarity has also quelled some fears that their personal information could be left up-for-grabs. Nevertheless, over a million Californians were victims of identity theft last year alone, according to the state attorney general’s office. Without exception, the State Legislature agreed more could be done to protect online consumers. Corbett’s Senate Bill 46 navigated the entire legislative process without a single no vote.

Specifically, the new state law requires companies hosting personal data to additionally notify consumers when usernames, associated email addresses, passwords and related security questions and answers may have been breached.