[rvz]

Right now in 2019, companies in the UK who somehow now think that they are 'tech companies' have this attitude when it comes to security. I met one company that recently got funding in the UK that deals with personal insurance and asked them if they write tests and they responded that they don't have tests, because they have no time to write any. In this case, that is like not having a security audit because we don't want anyone knowing the secret sauce.

Unfortunately, The motto here is that 'If it ain't broke, don't fix it.' and these systems don't get updated in a while until it is too late.

> Posting it to you is secure, as it's illegal to open someone else's mail. ^JGS

I can't trust Virgin to mail me anything sensitive then as the person who sent these details could have just seen it and wrote it down beforehand. That is too much of a risk to trust anyone and call that secure, even if it is illegal to open someone else's mail.

Well I'll be expecting the GDPR officers to mail you clowns a huge fine then.