
camcil | 9 months ago

In a data conscious world, the complete and utter disregard for PII and lack of competency in design and implementation would result in catastrophic business failure.

They may have "patched" the ability to exploit it in this way, but the plaintext data is still there in that same fragile architecture and still being handled by the same org that made all of these same fundamental mistakes in the first place. Yikes.


hiatus|9 months ago

> In a data conscious world, the complete and utter disregard for PII and lack of competency in design and implementation would result in catastrophic business failure.

As you are probably well aware, we do not live in that world. Companies like Equifax can suffer breaches exposing the personal information of millions and stock still goes up.

CobrastanJorji|9 months ago

Sorry about that. Please fill out this class action postcard, and, if approved, you will receive up to two years of identity protection services provided by Equifax (to be served concurrently with any other court-ordered two years of identity protection services), or, if you have financial damages you can conclusively prove are directly linked to this specific identity disclosure, you may mail your evidence to the provided address for up to $1000 in restitution, pending arbitration.

baxtr|9 months ago

PII data breaches, especially PHI data, can lead to high financial losses, mostly in the US through litigation. Fines in the EU are low in comparison.

Companies don’t like to talk about this, and they bury these costs deep down in their financial statements. But trust me, they’re quite substantial.

ngangaga|9 months ago

It's worth noting that companies that are too big to fail (as I assume credit bureaus are considered) are great places to park money.