"Harm to a company’s reputation, customer or vendor relationships, or competitiveness may be examples of a material impact."Last week, we reported on a Roblox data breach that first happened in 2020, and was apparently shared in some nefarious places in 2021, but only became widely known about when.
Given that the vast majority of the big gaming companies in the US are publicly traded, this means the new rule will apply to companies such as:Blizzard, Electronic Arts, Microsoft, Nexon, Nintendo, Paradox Interactive, Riot Games, Roblox Corporation, Sony, and Take-Two Interactive. Nested within those are plenty of other famous studios like Blizzard, Bungie, Rockstar, and Zynga.
There are some exemptions that probably won't apply to gaming companies, such as risks to national security or public safety, and the disclosure rules come alongside a new reporting requirement, whereby public companies have to outline their processes for identifying and managing cyber-threats. Foreign companies doing business in the US will not be exempt and similar rules are being applied to their set of forms .