Menendez: Make stores responsible
Following the Target hacking, he said firms must be accountable for stolen information.
The New Jersey Democrat is taking on the topic after last week's revelation that information about 40 million Target customer accounts had been stolen.
At a news conference Thursday outside a Target store in Jersey City, Menendez said he wanted to make sure retailers are "putting their customers ahead of profits." He announced that he had requested details from the Federal Trade Commission on whether it can fine firms for security breaches and whether laws should be changed to protect consumer data.
"We need to know if the FTC has the teeth to hold retailers who failed to protect consumers' information accountable," Menendez said.
"Our country's consumers depend upon safe and secure transactions, and especially at this crucial time of year, our country's retailers must commit to fulfilling that expectation," Menendez wrote to FTC Chairwoman Edith Ramirez.
Menendez said he wanted the FTC to recommend if further legislative action is needed to help protect consumers against having their financial information stolen.
If a company does not invest in security to ensure customer data can't be stolen, Menendez said, "then you have to question why a company would not do that."
He may hold hearings on the Target breach, he said.
Target Corp. spokeswoman Katie Boylan said in an e-mail that the company was "focused on partnering with the authorities who are investigating this crime against Target and our guests, and helping our guests understand what they need to know and what steps they can take."
The security breach lasted from Nov. 27 to Dec. 15 and affected customers in Target's U.S. stores.
The retailer said it hosted a conference call for state attorneys general Monday and will have a follow-up call Jan. 6.
Target announced Monday that the Department of Justice is investigating what is being called the second-largest data breach in U.S. history. It also said it is working with the Secret Service to determine how the hack happened.
Customers have already filed lawsuits against the company.