Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 12 submissions in the queue.
posted by Dopefish on Tuesday February 18 2014, @10:30AM   Printer-friendly
from the ensuring-fairness-and-safety dept.

Papas Fritas writes:

"Michael Kitchen at Marketwatch reports that when companies in the US are hacked for customer information they often seem to react to such thefts with little more than a sigh and a shrug if they even report it at all. But in South Korea, they don't mess around with ID theft.

South Korea's financial-services regulator announced Sunday that three firms which suffered the theft of consumers' data last year would be barred from issuing any new credit cards or extending any loans for three months. In addition, the executives at the companies involved showed their contrition by going before television cameras and making deep bows and personal apologies. Some executives reportedly resigned over the incident, even though the alleged ID thieves were caught and arrested. The South Korean Financial Supervisory Commission (FSC) said the companies had 'neglected their legal duties of preventing any leakage of customer information.'"

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Interesting) by SpallsHurgenson on Tuesday February 18 2014, @03:30PM

    by SpallsHurgenson (656) on Tuesday February 18 2014, @03:30PM (#1651)

    Alternately, the credit-card companies could properly enforce their own PCI compliance rules. According to those, if you are in violation then yes, they CAN forbid you from accepting credit cards from customers until you show evidence that you have fixed the violation. I've seen it happen to smaller companies for far less serious breaches than what happened at Target. That the credit-card companies did not do so with Target has more to do with their fear of losing their income from all those Target sales than it did with not pronouncing a "death sentence" on the retailer.

    Of course, that sort of threat is the only thing that will incentivize retailers to take credit-card security seriously. Without it, companies are always going to go cheap and easy, because any bad effects will affect only the customer, not the retailers themselves. But if suddenly a breach of credit-card data could put them at risk of becoming unprofitable, you can bet that more stringent methods will be put into place to ensure that nobody can walk out the door with a thumb-drive full of customer data.

    And while I am no fan of excessive government regulation... if the retailers won't do it, and the credit-issuers won't do it, and the customer can't do it, what other option is there but for there to be a law to ensure it gets done?

    Starting Score:    1  point
    Moderation   +3  
       Insightful=1, Interesting=1, Informative=1, Total=3
    Extra 'Interesting' Modifier   0  

    Total Score:   4