Georgetown University late to the punch

Educational institutions have a sordid history here at Spamroll. But since you are now numb to the news of system break-ins at such places, I won’t harp on it. Nevertheless, I must ask the question – why did Georgetown University wait three weeks to start notifying potential victims after an attack exposed 41,000 names, birthdates, and Social Security Numbers?

Notification is where legislation is needed.

Can you believe I actually said “legislation is needed? Neither can I.

***UPDATE***

Carlo over at Techdirt seems to agree – this notification business has gotten out of hand.