BreachExchange mailing list archives
Banks, Finance Firms Targeted by Europe Union in Crackdown on Data Privacy
From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Wed, 22 Jun 2011 01:28:17 -0400
http://www.bloomberg.com/news/2011-06-20/banks-finance-firms-targeted-by-eu-in-crackdown-on-data-privacy.html Banks will be among companies forced to notify authorities of “serious” leaks of customer data in a crackdown after hackers targeted Sony Corp. (6758) and Sega Sammy Holdings Inc. (6460), the European Union’s top privacy official said. Recent “data theft scandals” show that all industries, including financial companies, should do more to keep customers’ personal data secure, EU Justice Commissioner Viviane Reding said today in London, according to prepared remarks. “I understand that some in the banking sector are concerned that a mandatory notification requirement would be an additional administrative burden,” said Reding. Such an obligation “is entirely proportionate and would enhance consumers’ confidence in data security and oversight.” Data breaches at Tokyo-based Sony and other companies have sharpened regulators’ scrutiny of how businesses safeguard consumer information and notify the public about cyber attacks. Sony has been criticized by lawmakers for taking six days to disclose an attack that exposed 100 million customer accounts and prompted the temporary shutdown of the company’s PlayStation Network. Sega, a Japanese game maker, suspended some online services after discovering a leak of personal data including names and e- mail addresses on almost 1.3 million customers at its European unit. No customer credit-card data was compromised. “Whether it is the PlayStation, Google or Facebook, I can well understand if users lose trust in the internet and in companies offering online services,” Reding said. A mandatory requirement to notify data breaches is already in place in the EU for telecommunications and Internet access, she said. _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Learn encryption strategies that manage risk and shore up compliance. Download Article 1 of CREDANT Technologies' The Essentials Series: Endpoint Data Encryption That Actually Works http://credant.com/campaigns/realtime2/gap-LP1/
Current thread:
- Banks, Finance Firms Targeted by Europe Union in Crackdown on Data Privacy Jake Kouns (Jun 22)