Where’s the consumer protection when data protection fails?

The problem for me is that all those companies use your data for financial gain which allows hackers to infiltrate the systems for their own financial gain . Its like MS and Windows while controlling the system using back doors they also allow hackers to get into your computer. MS compensate for that by never ending “updates ” but where is the updates for the telephone industry ? It is worth mentioning that you will not hear about BT being hacked as their security is tight although they would still email you or letter box you with bumf that doesnt constitute BT,s system being hacked . And as termination of contract is still being mentioned carrying over from the last Convo it was made very plain to the public that to transfer to another company without the £30 cease charge when the contract is up the customer must get a MAC address/code to use for no charge to occur this was publicised in the national press so ,it wasnt “hidden away ” in the small print . All you need to do is Call your current provider , yes thats all thats required to obtain one and should be provided in 5 days and don’t cancel your contract as it might take two weeks to transfer , if your contract is still in force you could incur large costs.

Virginmedia is a 0845 number

I recently became a victim of a scam whilst booking a holiday rental on the Homeaway.co.uk website. My details were compromised whilst making genuine queries about the availability of properties. The way I was scammed only suggests that it was an inside job and my personal details were used in order to advertise a fraudulent listing which met my exact criteria enticing me to book and part with £1700. The company are being very arsy and not giving me an explanation of how this breach happened. They generalised it by saying that sometimes their website does become a victim of a fraudulent listing but this was very rate. That is not the case Homeaway/ owners direct have been having issues with these sort of scams since 2010 and 6 years on they’re security is no better, and they still don’t accept any liability. The government needs to do something about companies like homeaway.co. uk and make them accountable then maybe they’ll take the safety and security of their customers seriously.

The ICO should be taken to task for using woolly words like “reasonable “in their guidance. Companies have to take reasonable steps. What I consider reasonable will be totally different from an IT director, and therein lies the problem.

Security breaches could be almost done away with if companies actually encrypted their data at source. Many hackers aren’t going to want to spend time hacking a system their get get the data from. But I imagine many companies haven’t done this do to the cost of not designing the system properly in the first place.

They could always force companies who have been breached to stop using overseas call centres, many talk talk scam phone calls have come from asian call centres.

And how we really stick it to those who deal in personal details … NOT
medconfidential.org/2015/uks-largest-online-pharmacy-fined-130000-for-selling-patients-data-to-scammers/

You really really have to hand it to the ICO
ico.org.uk/media/action-weve-taken/mpns/1433030/pharmacy2u-ltd-monetary-penalty-notice.pdf

The amount paid was probably the reduced £104,000 and the executives get off scot-free. One person, possibly one whose details were sold, lost £16,000 to the Australian scammers.

I am faintly disturbed by the difference in emphasis in this article and what appears on the Government site. The requested for jail sentences and a beefed up ICO should be mentioned.

17 June 2016
The Culture, Media and Sport Committee publishes report recommending a new custodial sentence of up to two years for those convicted of unlawfully obtaining and selling personal data. It has also said the Information Commissioner’s Office (ICO) should also have a robust system of escalating fines at its disposal to sanction those who fail to report, prepare for or learn from data breaches.

The Chairman was fairly tough particularly in the last two paragraphs

“Chair’s comment – Jesse Norman MP, Chair of the Committee, said:

“Companies must have robust strategies and processes in place, backed by adequate resources and clear lines of accountability, to stay one step ahead in a sophisticated and rapidly evolving environment. Failure to prepare for or learn from cyber-attacks, and failure to inform and protect consumers, must draw sanctions serious enough to act as a real incentive and deterrent.

As the TalkTalk case shows, the reality is that cyber-attacks are a constant, evolving threat. TalkTalk responded quickly and well to this attack, but appear to have been much less effective in the past, failing to learn from repeated breaches of different kinds.

They should now publish as much of the PWC investigation as commercially possible without delay, and set out exactly how they will implement any necessary changes. Everyone must take the lessons from the Talk Talk breaches as a wake-up call – both in how they prepare to prevent cyber-attacks, and in how they deal with their consumers when those attacks occur.”

arstechnica.com/security/2016/03/after-verizon-breach-1-5-million-customer-records-put-up-for-sale/

theregister.co.uk/2016/06/20/tmobile_czech_breach/

Just goes to show how well our data is secured. These are not highly dangerous breaches but for scammers they can provide enough details to be useful.

Ransomware with a new twist. And an additional password stealing attachment.

theregister.co.uk/2016/06/20/ransomware_scum_build_weapon_from_javascript/