Slashdot Mirror

← Back to Stories (view on slashdot.org)

158 Million Records Exposed (And Counting)

Posted by CmdrTaco on from the do-i-get-a-vitamin-now dept.

Lucas123 writes "According to the The Privacy Rights Clearing House 158 million records have been exposed over the past two years as a result of inadequate security. Data's less secure today because as fast as banks, merchants and consumers add new layers of security to their storage systems and networks, new technologies — or simply careless users — create new security holes, according to Bob Scheier at Computerworld."

3 of 106 comments (clear)

  1. Solution is simple... by Bomarc · · Score: 5, Interesting

    At a state level (We could never get our Fed legislative critter to do something for the people) have a 'data protection' right. Bottom line: You lose data: you pay the people who's data you had. You fail to notify the people you pay double. If the information is actually used, damages are double plus ACTUAL / ON GOING losses.

    Bottom line: Lock up your data!. We learned this back in the days of the wild west. Now we must - relearn; reinvent the safe for the 21st century data.

  2. Re:i read it somewhere else by Billosaur · · Score: 5, Insightful

    As many people will point out, at some point you have to take responsibility for your own information. It's not the data breaches themselves that are really the issue, but the fact that once your data gets into the wild, it can be used for nefarious and often illegal purposes, and that's there is no easy way to deal with the problem. Anyone who gets their identity stolen literally spends years writing letters and making calls to various companies to indicate that in fact their identity was stolen and they are not responsible for the misuse of it. When it comes to clearing things up with the major credit monitoring services, it can be downright frustrating to get them to make necessary and factual changes to your credit report in order to get the matter cleared up.

    We don't just need laws to make companies liable, we need a system in place to make sure that when data breaches do occur, that those affected can restore some semblance of normalcy to their lives with the minimum of fuss. And we need laws in place to define just what data any particular company can collect (remember: your SS# is not supposed to be used as any kind of identifier except for tax purposes) and more importantly, how that data should be stored (mandatory encryption).

    --
    GetOuttaMySpace - The Anti-Social Network
  3. Re:i read it somewhere else by JonXP · · Score: 5, Insightful

    "The only way to truly end this is to remove the ability to use the data online, and require face-to-face authentication."

    Because, as we all know, fraud and identity theft did not exist before the advent of the internet.

    --
    Still IMing in the stone age?