BreachExchange mailing list archives
Re: Senator questions FBI on ChoicePoint contract
From: Chris Walsh <cwalsh () cwalsh org>
Date: Fri, 7 Apr 2006 13:34:37 -0500
On Fri, Apr 07, 2006 at 01:30:25PM -0400, security curmudgeon wrote:
Seems like such an incident would take a lot to recover from. So, for the list subscribers, what would it take for you to resume business with a company that lost your data?
"It depends". If a mom and pop operation trusted a consultant to set up their POS system, and they exposed my CC#, but fixed it fast and put in measures to detect/prevent a recurrence, I'd continue to do business. If a hospital, pharmacy, or HR benefits service provider exposed my data via a screwup on the level of CardSystems, I would (assuming I had a choice) never, ever, go back. In fact, to use the benefits provider or pharmacy examples, I would inform future employers during the negotiation/offer process that their routing my PII through these outfits was a deal killer. Especially where there is competition (Big 4, please pay attention), this is a way to effect change, IMO. In other words, could they have known, should they have known, how much was actually put at risk, and what did they do about it would all be things I would use in my decision-making. _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/errata/dataloss/
Current thread:
- Senator questions FBI on ChoicePoint contract lyger (Apr 07)
- Re: Senator questions FBI on ChoicePoint contract security curmudgeon (Apr 07)
- Re: Senator questions FBI on ChoicePoint contract Chris Walsh (Apr 07)
- <Possible follow-ups>
- Re: Senator questions FBI on ChoicePoint contract *Hobbit* (Apr 07)
- Re: Senator questions FBI on ChoicePoint contract blitz (Apr 08)
- Re: Senator questions FBI on ChoicePoint contract security curmudgeon (Apr 07)