Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [Full-disclosure] Re: choice-point screw-up and secure hashes
From: Vincent van Scherpenseel (mailinglistsvanscherpenseel.nl)
Date: Sat Mar 19 2005 - 05:25:01 CST
On Saturday 19 March 2005 09:36, Kurt Seifried wrote:
> The sad part is there is NO (Zero, Nada, Zilch) incentive for companies to
> treat this data securely. Information for a hundred thousand people is
> stolen. So what? The company is not criminally liable in any way (I haven't
> heard of any laws yet). Civilly they're barely liable either. It'll be more
> of the same until we have laws with penalties for allowing theft of
> customer data. To bad insurance won't work, when a physical item is stolen
> it costs money to get a new one, and insurance companies won't pay out
> unless you took due care/diligence, OTOH if you steal all the electronic
> data (and even erase it) a company just restores from a backup and goes on
> with life.
Don't forget that it's bad for the company's image to have confidential
customer data stolen. As soon as the press catches on it's bad for business.
So, companies *do* have a drive to secure your private data.
- Vincent van Scherpenseel
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://www.secunia.com/