Given the in-state free tuition program in Georgia and the sheer number of applicants Georgia Tech receives each year, this breach could be quite significant and wide reaching. This is yet another example of a large data repository with PII that many people never even consider when managing the safety of personal information.
This is a noteworthy fine, both in terms of the overall enforcement of the COPPA Act and as a general wake up call for parents. Privacy and data loss concerns surrounding social media are very real and affect children and teens everyday. Better situational understanding is needed and precautions are warranted.
We are in the heart of tax season, so a compromise of this type and significance is particularly concerning and timely. Please take note and manage your identity information and review process carefully, especially if you use or have used this service in the past.
This is an interesting case, and many will be very interested to see how this plays out in the legal system. It is also a great example of the potential pitfalls of relying on cyber insurance to “protect” against cyber crime. It is unknown how much effort and expense the bank has invested in cyber protections, so it is unfair to judge the overall outcome of this breach. A big thank you to Mr. Krebs and the team at KnowBe4 for covering this story and sharing their insights.
There is no scenario where the phrase “stored and accessed online” should not be accompanied by the phrase “protected by or behind a firewall”. This potential breach is yet another reminder that we all have a responsibility to protect and safeguard individual and customer data, especially in an online environment. There really are no exceptions.
I cannot understate the danger of shadow IT. It bypasses security processes, testing procedures, tools, patching mechanisms and almost everything else in place to properly defend an organization. This article is a cringe worthy example.
No only is this yet another example of a significant breach of personal customer information, but it appears Panera worked very hard cover up this breach. Please be diligent in reviewing your personal information if you utilized this service from their website. Thank you to Mr. Krebs for his excellent reporting.
Take the time to verify the restaurant list on the franchisee website if you have visited an Applebee’s in the recent past. This breach may have compromised customer card information and other personal transaction data.
This is sad on so many levels. These types of bucket breaches are far too frequent and far too costly in terms of data exposed. There needs to be a better policing mechanism and businesses need to work on more effective security migration strategies when acquiring other organizations.
Please take notice if you are a user of RootsWeb or Ancestry.com.