Which breach concerns you more?

Last week, LivingSocial announced a breach affecting 50 million customers.  The breach involved names, email addresses, and  passwords, but no Social Security numbers or bank account or credit card information.  The breach is getting a lot of press.

Last month, I reported on a lawsuit in which a John Doe company alleges the IRS apparently scooped up over 10 million people’s medical records/insurance information from their HIPAA-covered organization without a warrant.  The data were allegedly copied and taken in March 2011 and have not been returned.  That case did not draw a lot of media attention.

Assuming the facts in the second case are true as alleged, which incident worries you more, and why?


About the author: Dissent

Comments are closed.