Is it time to penalize companies who suffer a data breach?

Posted on 5/8/26 at 9:59 am
Posted by LSUFanHouston
NOLA
Member since Jul 2009
41011 posts
You can’t live today without giving your information to tons of companies, who all swear it is secure.

Then it gets hacked and dumped.

It makes you wonder just how seriously a lot of these companies are actually taking data security.

Get hacked? Offer a year of “monitoring” that pretty much everyone already has. No real reputational risk or cost at this point.

This likely means companies are using the cheapest possible methods to secure data. Combine that with the fact that much of your data is sent overseas so that “John” from some fourth world country making seven cents an hour can attempt to provide customer service.

Is it time for companies to face financial penalties when their data is stolen? Would that cause companies to take this more seriously?

It’s hard to see hackers outwitting the best security options, but easy to see them outwitting the cheapest ones.
This post was edited on 5/8/26 at 10:03 am
Posted by Everyday Is Saturday
Member since Dec 2025
1440 posts
Posted on 5/8/26 at 10:02 am to
Are you the hacker channel rep or hacker itself?

Skeptic in me thinks Data security industry loves them some fear!

I sometimes wonder if they are not market creators in some form (anti virus code writing in front office, and virus code writing in back office underground).
This post was edited on 5/8/26 at 10:04 am
Posted by Shexter
Prairieville
Member since Feb 2014
20731 posts
Posted on 5/8/26 at 10:02 am to

Sometimes I wonder if it's all fear based marketing for McAfee, Norton 360, etc.
Posted by LSUFanHouston
NOLA
Member since Jul 2009
41011 posts
Posted on 5/8/26 at 10:05 am to
quote:

Are you the hacker channel rep or hacker itself?


No

quote:

Skeptic in me thinks Data security industry loves them some fear!


I’m sure fear sells product. The problem is the people who are afraid do not control the data storage, and the people who do control the data storage are not afraid
Posted by forkedintheroad
Member since Feb 2025
2278 posts
Posted on 5/8/26 at 10:06 am to
Does this only apply to e data?

Do companies get penalized for robberies? Arson? Blackmail?

Can we penalize them if anything bad happens to them? They can prevent everything, right?
Posted by LSUFanHouston
NOLA
Member since Jul 2009
41011 posts
Posted on 5/8/26 at 10:21 am to
quote:

Do companies get penalized for robberies? Arson? Blackmail?


When a company gets hit with arson, is personal data taken?

When a company is robbed, do the customers suffer?
Posted by fightin tigers
Downtown Prairieville
Member since Mar 2008
78357 posts
Posted on 5/8/26 at 10:22 am to
Only way to stop data hacking is to make the data worthless.
Posted by IndianPower
Louisiana
Member since May 2021
1839 posts
Posted on 5/8/26 at 10:23 am to
Never happen because all levels of government would be included.

If you ever notice the only part of the federal gov that never has been deeply dug into is the IRS.

Posted by Weekend Warrior79
Member since Aug 2014
21695 posts
Posted on 5/8/26 at 10:24 am to
I think this is definitely one of those "it depends" situations. If these companies have very basic security systems in place and are using the bottom-of-the-barrel systems, absolutely, as they are protecting their bottom line more than the sensitive data they are storing. But even some of the most robust systems can be vulnerable to data breaches.

And wasn't there a situation a few years back where a lot of companies had data breaches because a cloud system, that supposedly had great security systems, was breached and exposed their customers' data? Is this Target/Sony's burden if they believed they were doing everything they could to protect that data, but a contractor failed at their job?
Posted by NewIberiaHaircut
Lafayette
Member since May 2013
12451 posts
Posted on 5/8/26 at 10:25 am to
Ever since the Louisiana DMV hack, my spam calls and texts have had an exponential increase. Screw the DMV!
Posted by armytiger96
Member since Sep 2007
2479 posts
Posted on 5/8/26 at 10:26 am to
In my opinion it would be tough to enforce because it's a constant game of cat and mouse between cyber security experts and unethical hackers.

Posted by Freauxzen
Washington
Member since Feb 2006
38656 posts
Posted on 5/8/26 at 10:26 am to
Instructure/Canvas Hack?
Posted by Naked Bootleg
Premium Plus® Member
Member since Jul 2021
3632 posts
Posted on 5/8/26 at 10:28 am to
It’s warranted fear, not for marketing. There are state-sponsored threat actor groups who have tech at their disposal which is not known to exist in the wild. These groups are always a step ahead of the cybersecurity industry and soon they’ll be using AI-powered vulnerability scanning at scale. This technology is finding previously unknown vulnerabilities on a massive scale.

This is part of the reason why penalties for data breaches would be insignificant and detrimental. The shame, bad optics and the loss of money plus potential class action suits is the other part of the equation, and is penalty enough.
This post was edited on 5/8/26 at 10:29 am
Posted by 9Fiddy
19th Hole
Member since Jan 2007
66974 posts
Posted on 5/8/26 at 10:28 am to
If you are materially affected and can prove negligence on the part of the company, you can sue them. So if they are negligent in protecting their data, they already are punished.
Posted by BluegrassBelle
RIP Hefty Lefty - 1981-2019
Member since Nov 2010
107957 posts
Posted on 5/8/26 at 10:35 am to
quote:

And wasn't there a situation a few years back where a lot of companies had data breaches because a cloud system, that supposedly had great security systems, was breached and exposed their customers' data? Is this Target/Sony's burden if they believed they were doing everything they could to protect that data, but a contractor failed at their job?


Correct. And honestly sometimes these entities breaching data are just one step ahead of the developers and security folks (to no fault of their own).

I liken it to doping during the Olympics. The drugs get ahead of the testing (which is why they keep samples and retest down the road) because the testing can’t develop fast enough to stay ahead.
Posted by Sharlo
Van down by the river.
Member since Oct 2021
1610 posts
Posted on 5/8/26 at 10:42 am to
quote:

It’s warranted fear, not for marketing. There are state-sponsored threat actor groups who have tech at their disposal which is not known to exist in the wild. These groups are always a step ahead of the cybersecurity industry and soon they’ll be using AI-powered vulnerability scanning at scale. This technology is finding previously unknown vulnerabilities on a massive scale.

This is part of the reason why penalties for data breaches would be insignificant and detrimental. The shame, bad optics and the loss of money plus potential class action suits is the other part of the equation, and is penalty enough.


100%. I'm not a tech guy, but about a decade ago I did some work for a software company that had a well respected cyber security consulting practice.

I ate lunch with the honcho of that outfit one day, and it happened to be the same week Anonymous had hacked Lockheed and a bunch of other big defense companies. I asked him how that was possible, given their massive resources.

He basically said the same thing you did. That it was a perpetual game of cat-and-mouse, and the really bad guys had state sponsorship, talent, and unlimited resources. If they decide they want to hit you, they can camp out and surveil your network and security for months before making a move.

And that was a decade ago and a long time before they had the benefit of AI tools to accelerate the timeline for all their activities.

So yeah, punishing the victims is a bad idea.
Posted by LSU4Life2021
Member since Dec 2021
999 posts
Posted on 5/8/26 at 10:47 am to
In my industry (banking), if you do not have what are deemed "proper safeguards" and yearly "anti-hacking" tests then the regulators will certainly impose monetary penalties and some people are going home when you have a breach.
This post was edited on 5/8/26 at 10:48 am
Posted by LSUFanHouston
NOLA
Member since Jul 2009
41011 posts
Posted on 5/8/26 at 10:51 am to
quote:

That it was a perpetual game of cat-and-mouse, and the really bad guys had state sponsorship, talent, and unlimited resources.


So should the US government work with companies so everyone is on same playing field?
Posted by LSUFanHouston
NOLA
Member since Jul 2009
41011 posts
Posted on 5/8/26 at 10:53 am to
quote:

I think this is definitely one of those "it depends" situations.


Any penalty scheme has an investigative arm. If the company is doing the best they can, they should not be penalized.

quote:

And wasn't there a situation a few years back where a lot of companies had data breaches because a cloud system, that supposedly had great security systems, was breached and exposed their customers' data? Is this Target/Sony's burden if they believed they were doing everything they could to protect that data, but a contractor failed at their job?


Go after the contractor. Only go after the company here to the extent they cheaped out on the contractor selection
Posted by LSUFanHouston
NOLA
Member since Jul 2009
41011 posts
Posted on 5/8/26 at 10:55 am to
quote:

The shame, bad optics and the loss of money plus potential class action suits is the other part of the equation, and is penalty enough.


Honestly, does this have an impact?