BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Banks, Finance Firms Targeted by Europe Union in Crackdown on Data Privacy

From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Wed, 22 Jun 2011 01:28:17 -0400
http://www.bloomberg.com/news/2011-06-20/banks-finance-firms-targeted-by-eu-in-crackdown-on-data-privacy.html

Banks will be among companies forced to notify authorities of
“serious” leaks of customer data in a crackdown after hackers targeted
Sony Corp. (6758) and Sega Sammy Holdings Inc. (6460), the European
Union’s top privacy official said.

Recent “data theft scandals” show that all industries, including
financial companies, should do more to keep customers’ personal data
secure, EU Justice Commissioner Viviane Reding said today in London,
according to prepared remarks.

“I understand that some in the banking sector are concerned that a
mandatory notification requirement would be an additional
administrative burden,” said Reding. Such an obligation “is entirely
proportionate and would enhance consumers’ confidence in data security
and oversight.”

Data breaches at Tokyo-based Sony and other companies have sharpened
regulators’ scrutiny of how businesses safeguard consumer information
and notify the public about cyber attacks. Sony has been criticized by
lawmakers for taking six days to disclose an attack that exposed 100
million customer accounts and prompted the temporary shutdown of the
company’s PlayStation Network.

Sega, a Japanese game maker, suspended some online services after
discovering a leak of personal data including names and e- mail
addresses on almost 1.3 million customers at its European unit. No
customer credit-card data was compromised.

“Whether it is the PlayStation, Google or Facebook, I can well
understand if users lose trust in the internet and in companies
offering online services,” Reding said.
A mandatory requirement to notify data breaches is already in place in
the EU for telecommunications and Internet access, she said.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/
Previous By Date Next
Previous By Thread Next

Current thread: