(1) A manufacturer or distributor of a voting system or component of a voting system that is certified by the secretary of state under RCW
29A.12.020 shall disclose to the secretary of state and attorney general any breach of the security of its system immediately following discovery of the breach if:
(a) The breach has, or is reasonably likely to have, compromised the security, confidentiality, or integrity of an election in any state; or
(b) Personal information of residents in any state was, or is reasonably believed to have been, acquired by an unauthorized person as a result of the breach and the personal information was not secured. For purposes of this subsection, "personal information" has the meaning given in RCW
19.255.010.
(2) Notification under subsection (1) of this section must be made in the most expedient time possible and without unreasonable delay.