D : Data mishaps
Category: NachrichtenBy: R. Olschewski - 2B Advice GmbH - the privacy benchmark
2009 - The year of data mishaps - and 2010 isn't looking any better
In 2009, a hacker caused the online platform SchülerVZ to reveal the personal data of 1.6 million users. The young man committed suicide while being held in pretrial detention. He was able to obtain the user data merely with the help of software and a little luck in combining numbers.
Various media report that the Internet platform Libri was obviously unable to protect hundreds and thousands of clients from data loss as well.
Even the Deutsche Bahn (German Railways) and the retail trade attracted attention as a result of several relevant data security breaches, and it was alleged that the Internet platform of the Bundesagentur für Arbeit (German Federal Employment Agency) also inadvertently posted user data online.
In 2009, the trading of address data through call centers, which were generously supplied with client data by telecommunication companies, was already flourishing. This was basically possible due to the fact that the procedures, in particular the whereabouts of the data, the reliability of the service providers and the necessity of transferring the data, were not effectively monitored. It remains to be seen if things will improve in 2010, even if a different way of thinking can be observed within the industry.
However, the trend towards major data scandals would appear to be continuing in 2010. For example, Google has attracted attention in the course of its "Street View" project and the fact that the private WLAN data of the respective street residents was also recorded at the same time has caused the multi-billion dollar enterprise considerable legal problems, such as claims submitted by those involved and data protection agencies regarding the right to information and cancellation, and measures taken against the documented municipalities' failure to act. In the end, mass intervention by data protectionists put an end to this grotesque procedure, and the outcome of the summary proceedings negotiated in Hamburg remains to be seen.
Also affected by another data leak in 2010 was a renowned health insurance company, which was unable to protect 1.2 million dollars worth of client data and was blackmailed by criminals as a result.
Apart from the claims regarding the right to information and cancellation and duties and obligations under the Federal Data Protection Act that are subject to penalties, there is also the risk that the company opens itself up to blackmail as a result of data mishaps and insufficient data security.
Those employees and criminals, who make unauthorized copies of data files and offer such copies for sale on the market for information acquisition, may, in doing so, cause financial losses that far exceed a monetary fine.
The list of data scandals both at home and abroad will most likely keep growing as long as many companies continue to underestimate the importance of data security.
(748 times viewed)