There are no insignificant breaches: Why all compromised data matters



No organization wants to suffer a data breach in which highly sensitive or personal data is compromised. But what about a data scraping incident that involves less sensitive information? How concerned should the company — and the people whose data was compromised — be?

Consider the data breach notification that Dell recently sent to many of its customers. The letter revealed that “limited types of customer information” was scraped from a customer database on a Dell portal. The compromised data included customers’ names and physical addresses, along with order information such as transaction dates, product serial numbers and warranty details. The notification emphasized that no payment, financial or “highly sensitive customer” information was obtained in the incident, and Dell asserted, “We believe there is not a significant risk to our customers given the type of information involved.”



Source link

Leave a Comment

Your email address will not be published. Required fields are marked *