The attack group known as Magecart has been stealing payment information from sites for several years and is showing signs of maturation with the BA breach.
A data breach disrupts day-to-day operations and can hurt the company’s reputation, but the fact that stock prices bounce back pretty quickly makes it seem like the stock market doesn't penalize the company. Analysis by UK-based Comparitech found that long-term impact on the company’s stock performance after a breach.
GDPR mandates organizations self-report data breaches, and in the two months since the new privacy regulation went into effect, the number of reports have surged.
Bundles of personal data records are referred to as fullz on the underground marketplaces by criminals. The data can include names, addresses, phone numbers, social security numbers (SSNs) and date of birth, all of which can be used for medical fraud, impersonation or even extortion. Stolen healthcare information is valued the highest.
Companies get away with disclosing just the bare minimum, or dribble out the bad news to the point where no one is paying attention. We need to hold companies to a higher set of expectations.