Jesus, no kidding. You'd think that at least a phone call to verify. Presumably, with that much money involved, it's worth a few minutes on the phone for each one.
I think a lot of businesses have this or something else coming. There is such a massive indifference to security around in certain companies that reporting legitimate issues will feel embarrassing.
I agree. Frankly, I think most people don't give a fuck about security. I can't explain why. If all this shit was happening at gun point, we'd have declared a massive national emergency by now. But because it's "cyber" it does not seem to freak the fuck out of people like it should. I wish I understood.
From my experience, it's a combination of "What's the worst that could happen", "It wouldn't happen to us", and "That's what we have insurance for". Not the most reassuring thing.
Yes, and the cost is born by the users. This point made a lot more sense when a credit union in my home state of Oregon sued a fucking noodle chain for a breach that ended up costing the credit union a lot of money as their customers were affected by the breach. The credit union is suing the noodle company. The noodle company probably didn't really worry too much but between the law suit and the bad publicity, I have a feeling they're going to place a higher value on security. I never went to that noodle place but it made me realize how many places our data lives. The fucking noodle house can turn your life upside down if they don't have their act together?!
http://www.scmagazine.com/class-action-lawsuit-filed-against...