Hacker News new | ask | show | jobs
by malz 3564 days ago
So covering up a known in-progress security breach is standard procedure? Instead of telling your users to change their passwords and so on?

Personally, I demand criminal investigation and at least a $1000 fine per account breached.
3 comments
dhimes 3564 days ago
Yeah, that sucks because I have my business stuff with them (I know, I know). On the bright side I didn't receive an email so maybe they didn't get the biz accounts. Changed my pw anyway.

And something's changed with their biz accounts anyway- it's been sold/rebranded or something and I'm not sure where the future lays... :[

link
brian-armstrong 3564 days ago
I don't think they actually broke any laws. How do you expect them to be charged for your demands?
link
malz 3563 days ago
You got me, they only broke the law in 47 states.

http://www.ncsl.org/research/telecommunications-and-informat...

link
brian-armstrong 3563 days ago
The California law, for example, just says it needs to be "expedient" without defining time limits. It isn't clear that they violated that law at all. They are disclosing a very large breach and I would assume that if they do see suits here, they will be civil suits.
link
ssalazar 3564 days ago
Yes, making demands in a web forum is the way to resolve this.
link