Yesterday's revelation that LexisNexis' may have "lost" more information than originally reported last month has everybody groaning, including me. It's not the groan of "oh-my-god, I can't believe this has happened". It's more like a groan you let out when your dislocated joint is reset.
Up to 10 times as many people as originally thought may have had their profiles stolen from a LexisNexis database in the United States, publisher and data broker Reed Elsevier said.
The company reported last month that criminals may have taken personal details of 32,000 people through a breach of LexisNexis' recently acquired Seisint unit. It now says that figure is closer to 310,000 people.
Most security experts predicted breaches like this. As long as somebody somewhere hoards data on individuals, there will be those who want to exploit it, legally and illegally. Today, congress, in its eternal quest to seem like it's doing something, is blow-harding "there ought to be a law" sound bites. Naturally, anything congress actually does will be completely ineffective as it gets watered down through the approval process. There are already laws concerning this type of behavior, but the criminals don't care.
I'm not a huge fan of data mining companies like LexisNexis. However, that industry will be punished for the actions of criminals. It's like passing a law that all houses have bars on their windows since it's so easy to break the glass and enter. Yes, security is important and companies should try prevent breaches like this. But where is the outcry over the actions of the perpetrators? All I see is blame directed toward LexisNexis, albeit it is somewhat justified. I just want the criminals to get their share, too.
I don't like the fact that my social security number is for sale. If congress can actually pass something reasonable and ensure it's enforceable, then I'm okay with that. However, I would like to see more funding directed toward the actual criminals than the companies themselves. Companies should be encouraged to increase and improve security, but not at the expense of tax payers. All we need is one more regulated industry to speed up our downward spiral into bureaucratic neverland. Laws are ineffective unless there is a way to enforce them. We already have the FBI and their job is to investigate and arrest criminals, as well as build a case for prosecution. Why can't they get more funding to enforce existing hacking laws and identity theft laws?
I bet anything that congress will pass laws to tighten the data mining industry, but the hackers who stole 310,000 names with the accompanying personal information may never be caught.
Popularity: 1% [?]
Long Way From Home by The Heavy