Last week it was toy manufacturer VTech, today it’s British pub chain JD Wetherspoon. Barely a day goes by without a company announcing a big hack attack on its servers and subsequent data theft. Customers grumble a little, they shrug and then they continue on as normal. It’s time we really started to care.
It’s fair to assume that the hacks we hear about in the news are only the tip of an iceberg and many more go undetected or unreported. And while major breaches make headlines for a day or two, the media quickly moves on, and the aftermath is largely ignored.
Can customers whose data was lost in a breach trust that company in the future? Do those customers even remember the hack six months down the line? Do they understand the risks of their data being ‘out there’ somewhere?
It’s impossible to stop all online security breaches, but when we hear confused and confusing messages from a company like TalkTalk, and look at the sheer number of high-profile cases that emerge each month, it’s clear there’s a lot more that could be done to prepare for attacks, and prevent or limit their impact.
My colleague Ben Woods thinks we’re becoming more security-conscious as a result of these breaches, but I’m not so sure. I think we’re more aware of hacks, but not really that motivated to take much personal action. Unless we, as the public, start to actually care when our data is stolen from companies that we entrusted it with, things won’t get better very quickly.
We need to see more laws in place to ensure the best possible encryption and security standards are in place wherever they can be (admittedly not very likely from some governments like the UK and Kazakhstan), but before politicians will deal with that, we all need to do more than sigh, shrug and carry on when our data is stolen.