Announce A Data Breach And Say It’s No Big Deal?
Evan Schuman comments on the recent Blippy breach and lessons that should be learned:
Data Breach Etiquette Rule #8: The moment you announce you screwed up and exposed customers’ payment data to cyberthieves is a really bad time to lecture customers that “it’s a lot less bad than it looks” and that “it’s important to remember you’re never responsible if someone uses your credit card without your permission.” That rule is especially valid, as in the tale we’re about to tell, when both of those sentences are quite likely wrong.[…]
We couldn’t put it any better than did Patricio Robles at EConsultancy: “Most cardholder agreements protect the cardholder against unauthorized charges provided that the cardholder has taken reasonable measures to protect his or her card against loss or theft. Can individuals willingly sharing purchasing information with a service like Blippy really claim to be exercising reasonable care to safeguard their credit card details?”
Read more on CBS.