Why isn't our government doing more to stop this?

To address the specific cybersecurity aspects, the Federal Trade Commission (FTC) employs its authority through a combination of enforcement actions, guidelines, and rulemaking within the framework set by the FTC Act and other specific legislations. Here are the key components:

Section 5 of the FTC Act: This is the cornerstone of the FTC's authority over cybersecurity. The Act doesn't explicitly mention cybersecurity, but the FTC uses its provisions against "unfair or deceptive acts or practices" to cover cybersecurity lapses that can harm consumers. This includes actions where businesses fail to implement reasonable cybersecurity practices, potentially leading to data breaches or other consumer harms.

Children's Online Privacy Protection Act (COPPA): This act requires websites and online services aimed at children to implement specific security measures to protect children's personal information. The FTC enforces these rules, which include cybersecurity practices.

Gramm-Leach-Bliley Act (GLBA): Under the GLBA, the FTC has established the Safeguards Rule, which requires financial institutions to have a comprehensive security plan to protect the confidentiality and integrity of consumer personal information. The Rule mandates regular testing of key controls, systems, and procedures of the information security program.

Health Breach Notification Rule: For vendors of personal health records and related entities that are not covered by the Health Insurance Portability and Accountability Act (HIPAA), the FTC enforces this rule, which requires notification to consumers in the event of a breach of unsecured identifiable health information.

Identity Theft Red Flags Rule: This rule, under the Fair and Accurate Credit Transactions Act (FACTA), requires financial institutions and creditors to implement programs to detect, prevent, and mitigate instances of identity theft, including cybersecurity measures that protect against data breaches leading to identity theft.

Enforcement Actions: The FTC has brought numerous enforcement actions against companies for failing to adequately protect consumer data, asserting that inadequate cybersecurity practices constitute unfair or deceptive practices under the FTC Act. These actions often result in settlements that include requirements to establish comprehensive information security programs and to undergo regular independent security assessments.

Guidance and Best Practices: The FTC regularly publishes guidance documents and best practices for businesses on how to protect consumer data and comply with federal laws, emphasizing the importance of cybersecurity measures in protecting personal information.

These tools and actions collectively empower the FTC to regulate cybersecurity practices extensively, ensuring businesses take necessary steps to protect consumer information from cyber threats.

What a stupid response.  Of course we do it.

That doesn't mean we shouldn't protect ourselves better. I'm sure your adopted country plus China, Iran and N. Korea all actively protect their electronic information.  

That's true about paper stuff.

But it seems like if we spent a few billion more on cyber hacking prevention instead of placating a few dozen despots we'd be better off. 

Another boogieman no one cares unless their money gets cut off

Yet so many RWNJ want to castrate the FTC and their rule making authority that allows real time response to these threats.

Make it make sense. How the hell is congress supposed to keep up with technology that changes daily?

Our free state leader might want to spend some more time studying infrastructure than fighting with Disney and dismantling public education. You know things that actually impact our lives. Not to mention the insurance crisis in our great state.