They had it, they shouldn't have, now they lost it. Same story all over.
The funniest part of this is that they're trying to convince their public that it's a good idea to have a national ID card containing even more data and that they'll be responsible with that data.
Said someone from an anti-ID card group:
"It's inevitably good news for our campaign because it proves to people that this government, and indeed any government, cannot be trusted with this amount of information. For 25 million people this is a catastrophe but it is just a small herald of the national ID scheme which would mean a potential catastrophe for 60 million of us."Tags: Data Breaches, National ID, UK
And, as usual, the completely worthless response:
*Sigh*Tags: Countrywide, Data Breaches
And, again, if these companies would stop holding our credit card numbers far past the date that we used them, we wouldn't be having this problem.
If this is true, then how did they lose anything? Did they? The details are unclear.
Data breaches are common, but shouldn't be. They could easily stem the flow by putting better security in place, taking personal data offline, stop sending employees home with laptops that have personal data on them, and, above all stop storing our data once you no longer have need of it (you can't lose my credit card number if you don't have it).
Anyway, class action suits don't often work so one man decided to take a company to small claims court instead (and won!). A $700 settlement might not seem like much, but as he says:
This is so, so stupid. It's not weak security, its that you data-abused us for all our customer data that we didn't want you to keep anyway. If you hadn't stored all the data on us, you couldn't have lost it.
I already know they don't need to store our credit cards, but licenses and SSNs?Tags: Data Breaches, Identity Theft, TJX
So today my wife received a letter from our bank saying that her card was included in the data breach. They were very pleasant and helpful (as credit unions tend to be), but one thing caught my attention:
For the record, fraud alerts are required, but can be ignored. The problem is that it's the issuing company's responsibility to check for the fraud alert and act accordingly. Since it hurts their business to do so, it's far more likely that they will "miss" the flag (especially when they're on commission). That means that it may help and it may not.Tags: Data Breaches, Fraud Alerts, ID Theft, Security Theater, TJ Maxx
|Copyright © 2012 by Jeremy Duffy All rights reserved.||About Me and This Site | Blog | Contact | Policies|