Data Hacks and breaches – how big companies have lost trust and what can they do to protect customers
Data hacks are the number 1 concern in the minds of consumers right now. They lack trust in these large organizations, and don’t want to participate in their campaigns or promotions anymore. They are even getting more hesitant to transact online and prefer cash on delivery. This has multinational impact on the cost of goods as the collection of money, and the added resources required to convince customers that it’s OK, is cumbersome. Therefore, a new highlight should be given to the matter and what companies can do to prevent such a hack from occurring.
Let’s go international for a second and look at what technology experts at MIT have to say about it. Alex Pentland, Prof at MIT has been developing new rules and international standards that companies can follow to protect themselves. In other words, Alex is solving the problem head on at the MIT university.
“The New Deal (new regulations) would give people the ability to see what’s being collected and opt out or opt in. Imagine you had a dashboard that showed what your house knows about you and what it shares, and you could turn it off or on. Maybe there’d be some best practices concerning that data.
Transparency is key. The data being recorded about you will form a fairly complete picture of your life. You need somewhere to store and manage it, because it’s very valuable when it’s together in one place. Seeing all the patterns of your life allows you to personalize medicine, personalize insurance, personalize finances. “
With Equifax having one of the biggest data hacks in recent memory, its safe to say that we’ve all learned a lesson. But have we? Even after 140 million names, addresses, and social security numbers were leaked, the Equifax team fell for a classic trap and confused its customers deeply. They led unsuspecting customers to a fake website and destroyed trust even further. The worst part about it all? Equifax knew this data had been breached almost 3 weeks before it decided to take any action against it.
All that CEO, Richard F. Smith, could do was to take ownership and move on from this horrendous breach. However, with mainstream media bashing the company across online and offline, no one will be returning to Equifax to do repeat business.
“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes. I’ve told our entire team that our goal can’t be simply to fix the problem and move on. Confronting cybersecurity risks is a daily fight. While we’ve made significant investments in data security, we recognize we must do more. And we will.”
Every major company, from Uber to Yahoo has been hacked, with only a handful of companies remaining safe from the lenses of hackers. Even the Aadhar card database was leaked, and it was made apparent that hackers can make a back-door key to access the database for a day or two.
Investigation by The Tribune newspaper revealed that you could create a login and password for a few members of a WhatsApp group to create a backdoor for the UIDAI database. The best part about this all was that you could buy this key for only INR 500 for 10 minutes. INR 300 more if you wanted to print it. That’s the price of our country’s privacy according to the report. The UIDAI couldn’t add anything in terms of evidence but mentioned that the story was fake news and didn’t have any basis in facts.
“Tribune’s Story “Rs 500, 10 minutes, and you have access to billion Aadhaar details” is a case of misreporting. No biometric data breach. Legal action taken, including FIR against persons involved. Search facility gives limited access to name & other details, has no access to biometric details.”
Sanjay Jindal, additional director-general, UIDAI regional center, Chandigarh, has extended the security measures and ensures that no leaks will happen. However, this comes at a time when the last breach of privacy was done by the government itself, when it publicly released all the email IDs and phone numbers of those who had supported net-neutrality via its online submission form. Citizens, who are consumers of government services, have lost significant trust owing to these data lapses.
“Except the director-general and I, no third person in Punjab should have a login access to our official portal. Anyone else having access is illegal and is a major national security breach.”
What companies can do to stay ahead of the game, is to ensure that they have the highest quality data-tech team and a strong legal team to defer attackers. When they publicly demonstrate their capabilities, it adds a strong element of trust in the minds of the consumer.