The CEOs of Marriott and Equifax are set to testify about recent data breaches before a Senate panel Thursday.
The Senate's Subcommittee on Investigations is holding a hearing to learn more about the potential causes and scope of breaches that have compromised millions of Americans' personal information.
Marriott International announced in January that more than 5 million unencrypted passport numbers may have been exposed in a previously revealed November incident.
That reportedly makes the breach one of the largest on record in the U.S. — even larger than the Equifax breach that exposed more than 140 million users' names, Social Security numbers and addresses in 2017.
It's not a new topic on Capitol Hill.
Lawmakers have been starting to unravel the larger issue of data privacy and what can be done to protect it from a federal standpoint. While most agree that national data privacy legislation is needed, it's not entirely clear how to go about it.
Up for debate is whether a federal privacy law would override state privacy laws, like California's landmark legislation.
Another point of contention is how much authority to give the Federal Trade Commission in order to regulate privacy practices and punish companies that aren't in compliance. Right now, the FTC is responsible for oversight but doesn't have the power to crack down.
An FTC consumer protection official is also scheduled to testify Thursday. They'll talk through some of the policies Washington should consider in order to prevent future attacks and breaches.