Betfair established that the theft included not only the payment card details of most of its customers but also 3.15m account usernames with encrypted security questions, 2.9m usernames with one or more addresses, and almost 90,000 account usernames with bank account details.
The company Betfair were forced to inform authorities including the UK Serious Organised Crime Agency and Royal Bank of Scotland – the lender responsible for accepting credit and debit card payments made via Betfair.
However, what is considerably more alarming, and what is leading experts to suggest this will become the poster child for how a company completely fails in security and breach response is the fact that the company sat on the fence and decided not to inform any of its customers.
Betfair prides itself in being a technology-based company, handling more than 5m transactions per day. A worrying claim considering the volume and sensitivity of data stolen.
Also in the news this week a watchdog has stated NHS data security breaches are just ‘plain daft’ and are ‘as bad as gossiping about patients down the pub’. Jonathan Bamford, the head of strategic liaison at the information Commissioner’s Office, claims that NHS staff should be more aware of data security risks as patient confidentiality “Is at the heart of what they do”.
“The conundrum for me is that those very same people who wouldn’t dream of chatting about patient information at Costa Coffee or down the curry house are the very same people who are losing memory sticks with lots of information on it, who are doing daft things with people’s personal information.”
Bamford used the example of the Dartford and Gravesham NHS trust, which recently mistakenly destroyed 10,000 health records that were left in a destruction room, because the archiving room was full. This type of breach occurs when someone logs into a computer then allows other colleagues to use the same address.
It is generally the case that these NHS security breaches are occurring not because of hackers, but because staff are not properly informed. Get in contact with Metadigm today, and one of our expert engineers will help with education and services to put your company’s worries to rest!
