arrow_back Back to App

Mandatory Ransom Payment Disclosure for Cyberattacks

New rules require businesses and local governments to report ransom payments made after cyberattacks. This aims to help understand threats and protect information systems. Individuals can also voluntarily report such incidents, contributing to better problem analysis.
Key points
Businesses and local governments must report any ransom payment to the Department of Homeland Security within 48 hours of payment.
Disclosures must include the date, amount of ransom, currency type (including cryptocurrency), and any known information about the attackers.
The Department of Homeland Security will publish aggregated data on ransom payments, without revealing the identity of affected entities.
Individuals can voluntarily report ransom payments through a dedicated website.
The goal is to better understand cyber threats and develop more effective protection methods.
article Official text account_balance Process page
Expired
Citizen Poll
No votes cast
Additional Information
Print number: 117_HR_5501
Sponsor: Rep. Ross, Deborah K. [D-NC-2]
Process start date: 2021-10-05
Lustra uses Artificial Intelligence. Verify details in source documents.
Summarized by: gemini-2.5-flash-preview-05-20
Source data: api.congress.gov
AI work logs for this document launch

OFFICIAL LEGAL TITLE

Ransom Disclosure Act

FREQUENTLY ASKED QUESTIONS

What is the official ID of this bill?

The official print number for this legislation is 117_HR_5501.

Which chamber initiated this legislation?

This legislation was initiated in the House of Representatives.

When did the legislative process begin?

The process officially started on 2021-10-05.

What are the main provisions?

Key points include:

  • Businesses and local governments must report any ransom payment to the Department of Homeland Security within 48 hours of payment.
  • Disclosures must include the date, amount of ransom, currency type (including cryptocurrency), and any known information about the attackers.
  • The Department of Homeland Security will publish aggregated data on ransom payments, without revealing the identity of affected entities.
  • Individuals can voluntarily report ransom payments through a dedicated website.
  • The goal is to better understand cyber threats and develop more effective protection methods.
What is the specific legal status?

The current status is Expired.

Where can I read the full text of this legislation?

The full official text is available at: View full text

Who is the primary sponsor?

The primary sponsor is Rep. Ross, Deborah K. [D-NC-2].

What is the latest detailed status?

The latest detailed status is: Referred to the Subcommittee on Consumer Protection and Commerce.

Is this summary verified?

Yes. This content was analyzed by AI and verified by the Lustra Judge System on 2025-12-28.

CATEGORIES

Security Informatization Economy