And then of course there was the hack of 150 million user accounts at Under Armor in March. Is anyone in any executive suite or corporate board anywhere, ever going to take security seriously? Somehow I doubt it.
Let the typical (stereotypical?) corporate BS begin. Adidas Hack: Brand Warns a “Few Million” Customers Hit
They got hacked.
“Adidas is committed to the privacy and security of its consumers’ personal data,” the release read. “Adidas immediately began taking steps to determine the scope of the issue and to alert relevant consumers. Adidas is working with leading data security firms and law enforcement authorities to investigate the issue.” It will alert victims while conducting a forensic review, the brand added.
A more useless piece of corporate, ass-covering, boilerplate would be hard to find.
They are committed to security. But they are not “committed” to giving out any useful data. Like where. When. etc. If you did any business on their website, best update everything. They are admitting to user names and passwords being compromised. “No reason to believe” that credit card data was hacked.
The attacker(s) located, modified, and used this script to extract the payment information of Ticketmaster customers processed between February and June 2018.
40,000 UK users have been hacked.
Seperately, on Thursday, digital banking service Monzo said it alerted Ticketmaster to the data breach in April, despite the company’s claims that it hadn’t learnt of the breach until June.
Given these claims that Ticketmaster was sitting on the breach for two months, the firm could potentially face a hefty fine under the EU’s new GDPR laws, that require firms to report data breaches without “undue delay, and where feasible, not later than 72 hours after having become aware of it.”
And the UK is still in the EU, and hence covered by GDPR.
I don’t get this months-long wait that most companies engage in. The situation is NOT going to get better on its own. It also isn’t going to go away if you ignore it. Is it just that executives are so bent about avoiding blame at all costs that they don’t want to let people take action to protect their accounts? At this point in history, I ALSO don’t get why the folks in the corporate suites aren’t getting manic about security. (Look up how much Maersk lines lost, or what happened to FedEx-European subsidiary, TNT.)