AXEL Network Products:

AXEL GO - share and store files securely.

LetMeSee - photo sharing app.

  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

AXEL.org

  • Network
  • Technology
  • Applications
  • Blog
  • About
    • Team
    • Press
    • Careers
    • Patents
  • Contact Us
  • Login
    • AXEL Go
    • AXEL Cloud

August 14, 2018

6 textbook examples of how NOT to respond to a Data Breach (Seriously guys?)

Yahoo: Do nothing and pray it goes away

Why are we surprised at this?! When Yahoo suffered a breach in 2013, it decided to just keep quiet about the 3 billion accounts that were compromised. Surely this would prove to be an effective strategy?

LOL.

The news broke a whole FOUR years later, in 2017, that 3 billion accounts had been hacked, which is more than the company claimed in 2016, which is the first time anyone heard anything about a data breach. We shouldn’t really be surprised, as “do nothing and pray it goes away” has been Yahoo’s MO for quite some time now.

FriendFinder Networks: Take days to respond and then downplay the incident in a vague press release

FriendFinder Networks is a company that you’d reeeally want to keep your data secure. It operates AdultFriendFinder, a “sex and swinger community,” and when it suffered a breach in 2016, the response was slow and the press release was tepid. The company affirmed that it “encourages users to change their passwords,” and appeared to put most of the onus on the users, commenting that it would contact users “to provide them with information and guidance on how they can protect themselves.” Seriously?

This press release came after days of speculation, which is actually forever if you are a user of an adult website waiting to find out if your data has been made public.

Equifax: Fail to patch software, take forever to disclose breach, let execs sell their shares

Equifax has one of the shadiest timelines of this group, and competition was stiff here!! After failing to patch a known vulnerability in March 2017 in widely used open source software Apache Struts, the data of 143 million US customers was potentially exposed in May 2017. Then on July 29th, days after the breach was discovered, executives sold off nearly $1.8M worth of Equifax shares. Hmm….this looks bad, but maybe there’s something we don’t know here. (Read: there’s not. It’s bad.)

Ticketmaster: Pretend it’s not happening

Ticketmaster was alerted to a possible breach in April of 2018, but decided to do its best impression of an ostrich and just pretend it wasn’t happening until it received apparently irrefutable (or un-buryable) evidence on June 23rd. Online bank Monzo released a statement shortly afterward saying it spotted the breach in April, but Ticketmaster said nah after an internal investigation revealed no evidence of any such breach.

I’m confused. Are we just letting companies investigate themselves now? This is not how any of this should work. Anywho….

Facebook: Deny deny deny

Facebook didn’t suffer a breach. Instead, it voluntarily gave away a treasure trove of user data and then informed us that we had all agreed to it in the terms and conditions. Whoops – we should have read those, but they’re just so boring, and no one can recall seeing a line item that said “we will give away all your data, suckers, and there’s nothing you can do about it LOL.” I think I would have remembered that…..

To its credit, Facebook did admit that its data had been “improperly shared,” but didn’t go so far as to call it a breach. They didn’t go so far as to call us suckers either, but that doesn’t mean it isn’t true.

Exactis: Leave us all in suspense as if our data’s safety was a plot point in a Mission Impossible movie

None of this is entertaining, you guys. Apparently there is a “database with pretty much every US citizen in it” floating around the internet, according to security experts. That seems pretty bad.

But even worse, the company associated with the breach has stayed silent for days, which is deeply bumming out 230 million of us who would kindly like to know if our personal information is available online.

The bottom line

Data breaches are inevitable. Attackers are targeting companies on a daily basis. But ignoring the fact that a data breach has occurred, failing to patch a known vulnerability, putting the onus of dealing with a breach on users, and – most obviously of all – selling off your stock when you have insider information of a breach doesn’t help anyone. Companies need to be honest when they think a breach has occurred, or they risk losing their customers’ trust. And as our data multiplied exponentially, trust is becoming scarce.

Filed Under: Cybersecurity Tagged With: Breach, cybersecurity, data breach, equifax, facebook, online privacy, Privacy, Security, ticketmaster

Primary Sidebar

Recent Posts

  • AXEL News Update
  • AXEL Events
  • The Dangers of Leftover Attachments
  • How Secure Are Your Apps, really?
  • ABA GPsolo Roundtable Roundup
  • Our Continued Loss of Privacy
  • Casting a Shadow of Protection
  • Why Digital Sharding is the Future of File Storage
  • The Practical Applications of Web3
  • Archival With the Future in Mind
  • IPFS: Securing Our Privacy Future
  • What Do We Do About Social Engineering?
  • Five Simple Security Tricks
  • IPFS: The InterPlanetary Solution to Small Business Problems 
  • Schools: Our Cybersecurity Blindspot
  • The State of Privacy Laws in 2022
  • The Great Return (Back to the Office)
  • Artificial Intelligence is Here to Stay. How Will That Affect Businesses, Individuals, and Our Privacy?
  • Big Tech is Talking Privacy. What Does That Mean for the Future of Our Data?
  • How Technology Changed Business (And What That Means for the Future of the Industry)
  • Small Business Tech Trends of 2022
  • After the Cyberattack: What Happens to your Data Following a Breach?
  • Has School Surveillance Gone Too Far?
  • What Does Cyberwarfare Look Like? Just Ask Ukraine.
  • National Data Privacy Day: The Internet isn’t Anonymous Anymore
  • AXEL’s Guide to Remote Work
  • How Law Firms Should Handle Cybercrime
  • National Technology Day: How Tech has Changed the Way We Live

Recent Comments

    Footer

    Sitemap
    © Copyright 2022 Axel ®. All Rights Reserved.
    Terms & Policies
    • Telegram
    • Facebook
    • Twitter
    • YouTube
    • Reddit
    • LinkedIn
    • Instagram
    • Discord
    • GitHub