Retailer TJX will pay $9.75 million to settle charges related to its 2007 data breach that exposed the financial details of thousands of customers, reports consumeraffairs.com. It is the farthest-reaching data breach settlement to date.
As stunning a piece of news as that is I am even more saddened by the following news from Cornell University. After years of hammering the point, laws passed, all of the white papers, and articles written about personal data safety and enterprize liability, why are we still seeing this kind of news? EVERY entity that maintains personal data of ANY kind needs to take care of business. There are no excuses and no arguments to the contrary. Business owners, what more do you need? Cornell just offered to pay at least $1,125,000 for credit monitoring alone at the current going rate. That is a small fraction of what this breach will eventually cost the school.
Cornell University announced that police are investigating the theft of a school laptop containing the personal information--including Social Security numbers--of approximately 45,000 students, alumni, faculty and staff. The Associated Press reports that the laptop was stolen from a Cornell technician and there are, so far, no known misuses of the data. The university sent a letter to those individuals whose records were on the computer, offering a free year of credit services. It has also set up an FAQ page on the Cornell Web site. Full Story