7 comments

[ 4.8 ms ] story [ 30.3 ms ] thread
Three months SUSPENDED sentence for 18 months of keeping the hack under the rug? Joke of a verdict and a slap to the faces of victims.
For sure, and to top it off:

> For his part, Tapio has denied committing an offence, and claimed that the responsibility for the breach fell on the shoulders of former members of the company's IT team.

The responsibility for hiding the hack and failing to correct the problems surely lies on the company management though, right?

This seems like yet another case where a company thinks keeping quiet and pretending nothing happened will be more profitable.

Absolutely. It is also the job of management to put processes in place to have effective security and to require audits.

The fact the CEO accepts no responsibility and blames a mistake made by IT is worrying and he should not be allowed to hold management positions again.

root:root on anything is negligence and is a civil matter. This should never have been tried in criminal court in the first place.

His incompetence was exposed by a criminal act, but it isn't what compromised the patients.

Hacking doesn't just happen as random acts of God. Failing to protect against criminals should never be a crime in itself.

Failing to protect medical records should be a criminal matter, and criminal negligence seems a common enough term I assume that it is real rather than a made up cop drama term.

Also the traditional justification for ludicrous compensation for CEOs etc is how much more risk and responsibility they have, and this seems to be the CEO baring (minimal) responsibility for the company’s actions.