- New York payments startup exposed millions of credit card numbers by TechCrunch. Yikes.
- JPMorgan tells small business customers to apply with other banks on fear that funds will run out by CNBC. Sadly I think most other banks are in the exact same position.
- Branson to mortgage Caribbean island as he seeks Virgin bailout by The Guardian.
- Delta Denies Discussing Big Sale Of Miles To American Express To Raise Cash by VFTW
Deals starting/expiring at the end of today or starting today (view the full deal calendar here):
Deals starting/expiring at end of tomorrow:
Popular posts from yesterday:
Amex is saving their money to bail themselves out when consumers don’t pay their cc according to that earnings report today…
The problem isn’t that the server wasn’t password protected — that’s bad but eventually that kind of lapse will happen — the problem is the data was stored as plain text. Security is created by having layers of protections, not relying on the sysadmin to remember to put passwords on every server migration.
Data security is a bit of a catch-22 — everyone talks about how “critical” it is but then every data breach class action pays out at 20 cents per case, suggesting the data isn’t really worth much. Courts need to do their part if we expect companies to change
And also a big pet peeve — settlements requiring you to use a third party commercial company for credit monitoring if you don’t already have it, instead of taking a cash payout. Court mandated profits for that company. Great.
You are always free to opt out of a class action settlement and pursue an individual claim for damages.
Correct, the penalty for breaches for the company needs to be so harsh that implementing better processes for others becomes the better alternative.
I would argue both are heinous. You’re right that Defense-in-Depth is the real strategy, but missing either of those basic controls are grave mis-steps for any sysadmin or architect.