“it’s not known whether the leak came from within the company or one of its vendors.”
Isn’t it time that big tech companies and their sale of private data get regulated? I see a giant class-action lawsuit in the making here.
This is regulated. And there are penalties for violating those regulations. But it’s just not enough. Even a class action lawsuit won’t help the victims. Most of that money goes to lawyers.
Honestly, I don’t expect any of it to change until the penalties are so severe that major companies go under. Aka a corporate death penalty (which the US used to have). But even then, good software security is extremely hard. Almost everyone screws up something.
Aka a corporate death penalty (which the US used to have). But even then, good software security is extremely hard. Almost everyone screws up something.
So corps would be regularly “executed” because of not getting it right at some point and that leading to such events.
What’s bad about that?
Companies are market entities, they are supposed to live for some time and die, so that evolutionary process would work.
Right now it’s like titans eating their children, they should die from regulator’s axe, ideally at the very moment when mistakes stop being sufficient to kill them.
It is. The third-party doctrine is a United States legal doctrine that holds that people who voluntarily give information to third parties—such as banks, phone companies, internet service providers (ISPs), and e-mail servers—have “no reasonable expectation of privacy” in that information. Source
Why companies aren’t fined for every customers data they didn’t secure properly is beyond me. This should cost them a specific sum per customer or part of their annual global revenue. Make it hurt.
Otherwise they have no reason to spend money to properly secure people’s data.
Devils advocate: It would give them additional insensitive to cover up the fact it happend.
My 2 cents: companies cant be trusted with your data and local data containers which you control, can give or reject limited acces to need to become the norm.
Cant cover it up if the hackers take credit. And with the info collected it won’t take much time to pin point where it came from.
Its happened before that leaks where covered up for months though, gives them time to sell stocks before public backlash .
I mean yeah it probably would. But that’s essentially just blackmail.
For there should be is an entire branch of government dedicated to regulating and auditing data security in large corporations.
So, basically every AT&T customer.