I cover a lot of information breaches. From unintended exposures to data-exfiltrating hacks, I’ve seen it all. Not every information breach is the exact same. How a business reacts to a data breach– whether it was their fault– can make or break its track record.
I’ve seen some of the worst reactions: legal dangers, rejections and pretending there isn’t an issue at all. Some companies declare they take security “seriously” when they clearly don’t, while other business see it simply as a workout in crisis communications.
When in a while, a business’s reaction practically makes up for the everyday deluge of hypocrisy, obfuscation and downright lies.
Recently, Help Wireless, a U.S. cell provider that provides free government-subsidized mobile phone and strategies to low-income homes, had a security lapse that exposed 10s of countless customer IDs– chauffeur’s licenses, passports and Social Security cards– used to validate an individual’s income and eligibility.
A misconfigured plugin for resizing images on the provider’s site was blamed for the inadvertent information leak of client IDs to the open web. Security scientist John Wethington found the exposed information through a basic Google search. He reported the bug to TechCrunch so we might notify the company.
Make no error, the bug was bad and the direct exposure of consumer information was far from ideal. However the business’s response to the event was one of the best I’ve seen in years.
Keep in mind, due to the fact that this is how to deal with a data breach.
Their action fasted. Help right away reacted to acknowledge the invoice of my initial e-mail. That’s currently a positive sign, knowing that the company was checking out the issue.
Article curated by RJ Shara from Source. RJ Shara is a Bay Area Radio Host (Radio Jockey) who talks about the startup ecosystem – entrepreneurs, investments, policies and more on her show The Silicon Dreams. The show streams on Radio Zindagi 1170AM on Mondays from 3.30 PM to 4 PM.