got root?
Thursday, March 23, 2006
dataloss
I have recently subscribed to attrition's dataloss list. So everyday I receive a few e-mails concerning recent thefts of large blocks of readily-identifiable customer data, which makes both ID theft and CC fraud a walk in the park for most people.

Only, a [too] large number of these data losses are not thefts per se. See, when someone leaves backup tapes at the door of some warehouse or a laptop on a table while they get a quick drink, the thief has little to do in the way of stealing. Heck, if I were walking down some street and I saw a bag of tapes or CDs or something, I'd pick'em up for fun, out of curiosity or something along those lines.

Now on the issue of liability, many of these companies do not even disclose breach information, let alone do serious damage control. In this part of the world, once your SIN has been compromised... well, you don't get another. It's as simple as that. So if some dumb assistant rushes to the pub and leaves backup tapes outside the off-site warehouse, well, he should be getting his ass kicked. After all he has failed to properly do his job and as such he should suffer whatever consequences, in excess of just losing his job.

Being stupid is no excuse. Keep hacking!

technology
hack
Comments: Post a Comment  | | Home