Uber lost the full names, addresses and phone numbers of its 2.7 million users in the 2016 attack, and as a result it is now being fined by different governments. Uber paid 600,000 euros for the 174,000 affected Dutch users and 385,000 British pounds for UK customers, and it reportedly paid a whopping $148 million in settlements in the US.
Furthermore, Uber had paid $100,000 to the hackers themselves to destroy the data and not to release it on the internet.
What was worse in the Uber data breach case was that the data was stolen thanks to “avoidable data security flaws”, said Steve Eckersley of the Information Commissioner’s Office.
This strategy poses two philosophical challenges, among many other legal ones, in a hacking data loss event: first, you are encouraging other hackers to target your organization because you are a good paymaster; second, you are negotiating and entering into agreements with cyber criminals, in turn legitimizing them.
The latter raises further questions and implications. By charging such hefty fines, governments are encouraging a circular economic benefit, in which the companies pay these massive fines, either through insurance or out of the pockets of shareholders, to governments that treat them as revenue earned through fines.
All the while, the real victims are left clueless and compromised.
These high-profile hacking cases and stories have normalized the severity of hacking data loss, and most companies are neither investing enough nor taking this beyond lip service.
Imagine what would happen if someone broke into the neighborhood and stole 5 credit cards out of 5 different homes. What reaction would the people have at the Sheriff’s office?