I wish the regulation around customers’ personal data caused companies to treat it like nuclear waste: strive to store the least amount humanly possible while allowing the business to function, and every executive team assuming that a serious incident under their watch probably means shareholders being wiped out and end of their company in its current form.

This is going to keep happening until there are some real regulations with teeth in place.

If your private data is leaked, the company responsible should have to pay you some significant amount proscribed by federal law, regardless of whether or not you've had your identity stolen. A leak like this should bankrupt the company responsible.

Congratulations in advance for your cents from the class action lawsuit. If even that...

Just maybe not having this data might be good idea?

Well well well.

Nearly one-third of the US population may have had their personal data exposed following a leak at background check firm MC2 Data.

To carry out its checks, MC2 Data compiles data from a range of sources, including criminal records, employment history, family data, and contact details. This data is used to create profiles of individuals that are then sold to employers and landlords.

The company operates several websites, including PrivateRecords.net, PrivateReports, PeopleSearcher, ThePeopleSearchers, and PeopleSearchUSA.

According to Cybernews, which uncovered the breach, the exposed data is believed to include names, birthdates, email addresses, phone numbers, passwords, IP addresses, property records, and more.

Data on some clients seeking background checks was also exposed.

The leak is believed to have been caused by human error, with the 2.2TB of data left without a password and easily accessible to anyone on the internet.

NPD now this, is 2024 the year of PII leaks for Americans?

[dead]