Looking at news articles nowadays, it is not surprising anymore when you find an article about a recent data breach. Data-driven businesses are a great source for hackers. In only the first 6 months of 2018, there were 945 breaches, which affected 4.5 billion records (Ross 2018).
However, the amount of breaches does not always indicate the scope of the problem. For example, in Europe there was a decline of 36 percent in the amount of breaches. Nevertheless, there was still a rise of 28 percent in the number of records that were breached. This shows the increased severity of breaches (Ross 2018).
Social media is the biggest industry that is threatened with breaches, as it is attractive to hackers due to the significant amount of users on the platforms. For example, Facebook suffered from a security hack last month. This breach affected approximately 30 million people (Kastrenakes 2018). Personal information such as your name, contact details, gender, religion, education, work, current city etc. were obtained. The amount of personal information that was taken, depends on what a user chose to show on their public ‘’view as’’ profile. (Olson 2018).
Furthermore, the severity of the breach could also depend on what kind of information is taken. For example, a Dutch insurance company, Achmea, was victim of a data breach last August. Information of ten thousand people were obtained. This included very personal and sensitive information, such as people’s name, social security number, home address and payment amounts (NU 2018a).
The problem goes beyond companies. According to research of the Data Protection Authority, the Dutch taxation authorities do not adhere to the law regarding data security (Kleinnijenhuis 2018). The Dutch taxation authorities do not record when and which employees search for personal information. They state that it is ‘technically impossible’ to secure personal data. Consequently, they cannot guarantee that privacy sensitive personal data will become accessible to outsiders and the central database with information of all citizens is unsecure (Kleinnijenhuis 2018; NU 2018b).
In my opinion, governments and companies are still not doing enough to prevent these breaches. The Facebook example is one of many, where companies state they do everything to protect your data, users can shield their profile, but a wide range of information can apparently still be obtained. Moreover, the explanation ‘technically impossible’ is far from sufficient coming from a national authority.
What do you think about this and what should companies and the government do in your opinion?
Sources:
https://www.nu.nl/internet/5511557/gegevens-van-zon-tienduizend-verzekerden-achmea-uitgelekt.html
https://www.information-age.com/data-breaches-compromised-4-5-billion-records-123475313/
https://www.theverge.com/2018/10/12/17968562/facebook-hack-how-to-tell-if-data-stolen
http://digg.com/2018/facebook-hack-30-million-users-contact-info-2fa