I don't see why a company would pay a ransom to protect their customers from identity theft -- the losses are public, while the costs to them are a very small number of customers that read about this, think they're likely to lose the data again, didn't already lose their data in this leak, remember this story at the time of purchase, and value that more than things like ticket time or ticket price. I don't think the hackers should be making any money this way.
> The Qantas data, which was stolen from a Salesforce database in a major cyber-attack in June, included customers’ email addresses, phone numbers, birth dates and frequent flyer numbers. It did not contain credit card details, financial information or passport details.
Curious, what's the worst a bad actor do with name, email address, phone number and birth date?
This topic is always a mixed bag for me, on the one hand I don't think you should pay ransom groups as it encourages more, but also their security should be better.
> “No company wants to see, you know, hundreds of thousands, or, millions of records of their customers just on the internet,” Kirk said. “That’s awful. It’s awful for the companies. It’s awful for the people affected.”
This reads to me like : "Well yeah sorry to our customers, but we're not taking a loss for our incompetance"
12 comments
[ 2.6 ms ] story [ 34.7 ms ] threadSo all things that have likely been leaked 30 times already? Perhaps except the fly miles
Don’t pay the ransom, hackers release a subset to the public for free, then sell the rest privately
Good on Quantas for not negotiating, bad on them for shit security.
Curious, what's the worst a bad actor do with name, email address, phone number and birth date?
> “No company wants to see, you know, hundreds of thousands, or, millions of records of their customers just on the internet,” Kirk said. “That’s awful. It’s awful for the companies. It’s awful for the people affected.”
This reads to me like : "Well yeah sorry to our customers, but we're not taking a loss for our incompetance"
There's no winners here.
meanwhile I am struggling to confirm my identity to Google, what the .. :`)