Discussion in 'Article Discussion' started by bit-tech, 27 Nov 2017.
Friggin three years ago that happened, and know they tell it top their customers. There should be laws requiring them to tell such thing immediately.
I mean, if they don't know it's happened, how can they tell anyone?
If you want to store customers data, you should need mandatory insurance.
The insurance companies can then evaluate how safe the data is stored thus how much they gotta pay.
Companies will hold less data and hold it more securely.
Then each customer gets comp every time it's stolen - that's pretty much all of us, now or in future
Hopefully the GDPR will fix some of these issues, since imgur will be holding private data (email addresses, etc.) of EU citizens they will be accountable and they must notify of a breach within 72 hours.
It's understandable that these breaches do happen, security is a hard game and social engineering is very effective if someone wants to get into their database. What isn't acceptable is using SHA-256 to hash passwords all the way up to LAST YEAR. Absolutely shocking practise for a silicon valley company.
The worst thing is, that all these social media sites now require your phone-number and stuff. Who would ever give their real-life data to these sites? That's the problem right there imho, the collection of actual real life data. I couldn't care less about my spam eMail-adress i use to register on internet-sites, I would never use my business or personal eMail for this tho. And I certainly never would give any of these sites my real name, my adress, or phone-number.
Them requiring your real data, makes this much more risky, and so I'm absolutely with greigaitken on this, that every company holding real-life data like names, adresses, phone-numbers, bank-accounts, etc should be held up to a higher standard and be required to have insurance to compensate it's customers, if there's something happening.
Separate names with a comma.