Either way, tighter notification laws are almost certainly on the agenda following the successful six-month-long attack on US retailers Target and Neiman Marcus, not to mention the critical flaw found in the OpenSSL tool, which is widely used to encrypt password-based authentication procedures ??? for retailers, banks and other organisations holding financially sensitive information.