One of America's biggest retailers and the king of big-box stores, Target, made headlines during the height of the holiday season — the company had fallen victim to cyber thieves, affecting the data of millions and millions of customers. A few weeks later, luxury retailer, Neiman Marcus announced that it, too, had succumbed to a security breach during four months in 2013 in which a million customers had their credit card data breached too. It seemed to be the worst kind of news for companies, potentially jeopardizing their reputation, and, even worse for customers that rely on security from the major retailers they patronize.

While it seems unlikely that a retailer would want more “heavy-handed” regulations from the government, the National Journal reports that retailers are asking Congress to require them to notify customers when shoppers' information has been put at risk. Supporters of a unified regulation contend would this make things easier for companies, but it would also be easier for firms to serve their customers better by giving businesses a quick and comprehensive way to address hacks. The idea of such a regulation is gaining traction in the beltway and quickly. In fact, Rep. Lee Terry, the chairman of the House Commerce, Manufacturing, and Trade Subcommittee, has planned a data-security hearing, featuring testimony from a Target executive, as early as next month,

In the Senate, Judiciary Committee Chairman Patrick Leahy introduced a data-breach bill earlier this month, with the support of fellow Democratic Sens. Chuck Schumer, Al Franken, and Richard Blumenthal. Leahy, who has backed similar legislation since 2005, said he also plans to hold a hearing on the issue. However, it could be a measure Republicans may not easily support with the idea that such a regulation would be “just another nanny-state” intrusion, and a measure that wrecks of anti-business.