Slashdot Mirror

← Back to Stories (view on slashdot.org)

Millions of Records Leaked From Huge US Corporate Database (zdnet.com)

Posted by msmash on from the security-woes dept.

Millions of records from a commercial corporate database have been leaked. ZDNet reports: The database, about 52 gigabytes in size, contains just under 33.7 million unique email addresses and other contact information from employees of thousands of companies, representing a large portion of the US corporate population. Dun & Bradstreet, a business services giant, confirmed that it owns the database, which it acquired as part of a 2015 deal to buy NetProspex for $125 million. The purchased database contains dozens of fields, some including personal information such as names, job titles and functions, work email addresses, and phone numbers. Other information includes more generic corporate and publicly sourced data, such as believed office location, the number of employees in the business unit, and other descriptions of the kind of industry the company falls into, such as advertising, legal, media and broadcasting, and telecoms.

3 of 66 comments (clear)

  1. fast solution by supernova87a · · Score: 5, Insightful

    $1 penalty per leaked / stolen record, imposed by the FTC/SEC/SSA/CFPB will quickly remedy this problem. As long as the value of private personal information is intangible, the value it will be assigned in companies' risk assessments and capital plans is $0.

    But I guess that would be a burdensome regulation under our new regime.

    1. Re:fast solution by Bob+the+Super+Hamste · · Score: 4, Insightful

      Personally I would like it to be $10 per record paid to the person who the record is on. If it record contained some critical info like SSN or last 4 digits of SSN then make it $1000 per record. Granted those values don't actually cover the cost of the impacted individual in dealing with these situations (hey we leaked your SSN, mother's maiden name, and first pet's name so now you get to deal with fraud committed by others for the rest of your fucking life) but it would go a long way to ensuring that companies take some measures to actually protect personal data.

      --
      Time to offend someone
  2. Re:A leftist cost-based solution won't work. by Anonymous Coward · · Score: 2, Insightful

    It's actually quite simple: just avoid storing all of this sort of data to begin with!

    Gawd what a stupid suggestion.

    It costs money to store this shit (even insecurely). So why do companies do it? Because they believe that the value of the data outweighs the cost of storing it.

    So your idiot "just don't do that" suggestion is basically asking companies to walk away from money because. . .why? Why would they do that?

    Would criminalizing the storage of certain data be "non-leftist"?