Let’s Just Not Tell Anyone Billions of User Records Were Hacked
Poor Yahoo, now Altaba. It was recently fined a whopping $35 million dollars by the Securities and Exchange Commission (SEC), for sitting on its massive data breach for two years. In case you don’t recall the details, dastardly Russian cyberhackers managed to obtain the entire Yahoo database, which contained billions of usernames, email addresses, phone numbers, birthdates, passwords, and security questions. Yahoo knew of the breach two days after it occurred but decided not to tell anyone. Well now, wasn’t that an ethical decision?
The problem I have with this is that the SEC imposed the fine because it impacted its investors – I didn’t know return on your investments was a given. In many data breach cases, it seems rarely to be about the individuals who now have all their personal information for sale on the dark web. This really bothers me. When are companies going to realize that the protection of their clients, partners, stakeholders, and even internal staff should be their highest priority? It’s customers who keep the lights on and the paychecks flowing.
Off my soapbox now. If you still aren’t confident in your identity governance plan – you do have one, right? – we can offer automatic, and in real-time if you like, identification of any privacy or organizationally-defined sensitive information from within the content itself, and move it to a secure repository where it awaits disposition, and has download and inappropriate access prohibited. Read how this client solved its privacy challenges to ensure HIPAA compliance.
Our webinars also address the topics explored in our blogs. Access all our webinar recordings and presentation slides at any time, from our website, in the Recorded Webinars area, via the Resources tab.