Online Security

Joey Shabadoo

My pronouns are "He", "Him" and "buggerlugs"
With news that another organisation has been hacked and personal details lost, is it time to start fining companies that suffer such lapses in security? Maybe a financial guarantee per user?

http://www.bbc.com/news/technology-41286638

Or does this already happen? All I seem to get (not with this example) is a mealy-mouthed apology.
 
If you have the very best security someone somewhere will try to crack it, nothing today is foolproof.
 

bruce1530

Guru
Location
Ayrshire
Under current data protection laws, the UK Information Commissioner can issue fines of up to half a million pounds for a data breach. In practice, they have never issued a fine greater than 400k.

GDPR regulations, which come into effect next year, have more clout. The basic principles are not unlike the current data protection regulations, but the fines can be up to 20 million euros, or 4% of global annual turnover.


The company that was fined 400k (TalkTalk) also lost a significant proportion of its customer base, its profits halved, share price tumbled, and it spent around 40 million “recovering” from the attack. So the fine is pretty insignificant.
 

classic33

Leg End Member
Hmmph - sounds a bit multiverse to me. I'll have a word with Stephen (Hawking) :okay:
Name, address, date of birth, anything else after that is just making it too easy for them.
 

Andy_R

Hard of hearing..I said Herd of Herring..oh FFS..
Location
County Durham
With news that another organisation has been hacked and personal details lost, is it time to start fining companies that suffer such lapses in security? Maybe a financial guarantee per user?

http://www.bbc.com/news/technology-41286638

Or does this already happen? All I seem to get (not with this example) is a mealy-mouthed apology.
In real world terms, the fine is that people/businesses/corporations/banks stop using their services. In order to stay in business they know they have to remain secure and will ramp up their efforts to do so. Otherwise they lose business and go under.
 

Dan B

Disengaged member
In real world terms, the fine is that people/businesses/corporations/banks stop using their services. In order to stay in business they know they have to remain secure and will ramp up their efforts to do so. Otherwise they lose business and go under.
If it were possible to opt out of appearing in credit reference agencies' files, then sure, this would be an option. But in the real world I doubt the various lenders, landlords, etc, who use Equifax to check whether you're a bad credit risk care overmuch whether they have let all your data get stolen.
 

Tim Hall

Guest
Location
Crawley
If you have the very best security someone somewhere will try to crack it, nothing today is foolproof.
According to Money Box today on Radio 4, if Equifax had bothered to apply a security patch they'd been issued this breach wouldn't have happened. Googling for Apache Struts (the package in question) says the patch was released in March. Equifax got hit in May. That doesn't sound very clever.
 