By Jason Wool (July 31, 2018, 12:59 PM EDT) -- Arizona recently amended its data breach notification law to include user credentials to an online account as one of the types of data that can trigger mandatory notification obligations. In doing so, it became just the latest in a string of states to require notification for breaches of online credentials, indicating that more jurisdictions are likely to follow. As a result, organizations may want to take this opportunity to review their practices for securing user credentials to minimize the likelihood of password-related incidents that could give rise to breach notification obligations, along with the negative publicity that can affect a business' bottom line. Read on for details about these laws, and technical considerations for evaluating your organization's password creation and storage practices....