Rather than blaming the website, we should be laying the responsibility at the feet of the outsourcing services and data security will not be a deciding feature of the service contract.
and yeah, we got what we pay for..the cheaper price with risk for data breach..
i wonder if the FTC (Federal Trade commission) sue this small companies for having inadequate data security practices in violation of federal law..
Does this means that there's no guarantee at all when we are doing the business online?
In what sense does the HackerGuardian (with HackerSafe logo) and Scan Alert are there for?
And the funny part is, the cases aren't being report?
"..only about two percent of all data thefts from online merchants get reported.."
Now I see why this data breaches still can't be prevented. Further more, there still exist bunch of people who use the vendor supplied default password for their activity. This does not differ then just give the permission to breach their data..
"The most likely threat to information security is not the typical hacker, virus or worm, but rather the malicious or careless corporate insider."
A study reveals that sixty-nine percent of companies reporting serious data leaks responded that their data security breaches were the result of either malicious employee activities or non-malicious employee error. In fact, the number one leading cause of data security breaches resulted from non-malicious employee error."
Slashdot Mirror
Rather than blaming the website, we should be laying the responsibility at the feet of the outsourcing services and data security will not be a deciding feature of the service contract. and yeah, we got what we pay for..the cheaper price with risk for data breach.. i wonder if the FTC (Federal Trade commission) sue this small companies for having inadequate data security practices in violation of federal law..
Does this means that there's no guarantee at all when we are doing the business online? In what sense does the HackerGuardian (with HackerSafe logo) and Scan Alert are there for? And the funny part is, the cases aren't being report? "..only about two percent of all data thefts from online merchants get reported.." Now I see why this data breaches still can't be prevented. Further more, there still exist bunch of people who use the vendor supplied default password for their activity. This does not differ then just give the permission to breach their data..
What about data breaching from the inside?
..http://www.prnewswire.com/cgi-bin/stories.pl?ACC T=104&STORY=/www/story/02-08-2005/0002986646&EDATE =/
"The most likely threat to information security is not the typical hacker, virus or worm, but rather the malicious or careless corporate insider."
A study reveals that sixty-nine percent of companies reporting serious data leaks responded that their data security breaches were the result of either malicious employee activities or non-malicious employee error. In fact, the number one leading cause of data security breaches resulted from non-malicious employee error."
Read more here
How to deal with this?