The Privacy Commissioner's Office has been calling for proper fines for data breaches for YEARS.
Not a single muppet in the Beehive has even given it a thought, from what I can tell.
The current maximum penalty is $10000.
Australia has their maximum penalty set to $50 million.
It’s shit, but I appreciate the humour of them changing names to Kirk and saying that they’re dead
The world is better off without that hateful, grifting oxygen-thief
I’m in this weird position where I’ve never been a part of a Data Breach in part because I don’t install or use any unnecessary Apps. I don’t use them. Apps are not secure and that adds insecurity to entire devices.
It would take an equifax level data breach to release my information.
How have you never been part of a data breach? Have you never signed up to a website? They are getting breached left right and center
I pretty much never give real personal details to websites outside of financial necessity, correct, but also a website is much more secure than an app on average and I’m willing to bet my life on that. The ONLY reason anything is ever made into an App instead of a Website is so that the App creators or operators can harvest MORE INFORMATION from you. That’s it. They are not more accessible, they don’t support more devices or formats, they’re not more secure/encrypted/un-screen-grabbable. They’re just worse and they’re being set up by people who do not mean you well, 100% of the time.
Yeah mate, I think it’s fairly likely that many of us on here don’t go around installing bullshit apps. I haven’t been affected either.
The previous hack (Manage My Health) was not an app that people installed on their phones, it was a health management portal that patients were signed up to when they enrolled to clinics and practices that made use of that platform. These health providers used this as a database to store the medical information for all their patients. Molemaps, X-rays, doctors’ notes, everything was uploaded, not by patients, but by their medical care providers.
If you’re enrolled at a GP it’s likely that your data is sitting in a similar system. MyIndici is an example I’m aware of, although it hasn’t been hacked to my knowledge.
The concern doesn’t stop with health apps either. Any third party data portal/platform is theoretically at risk, and Kiwi companies love outsourcing risk to these private corps. Imagine the fallout from a RealMe hack, for example? It’s no less likely at this point, and because of the lackluster regulation around these data platforms, they have no real incentive to beef up security. That’s the issue here.
I think it’s worth pointing out that the vast majority of the public lack the basic ability to protect themselves from vulnerabilities and are apathetic to the dangers of the act of installing random apps to personal devices, even those associated with legitimate institutions and services.
As for potential solutions, obviously legislative solutions are the way to go and would take much of the pressure off of citizens.
When the post is making the case for stronger legislation, and you respond by bringing up the individual responsibility of those affected, it certainly gives the impression that you are arguing against regulation and shifting the blame toward the personal failings of the victims.
Most of the people affected in this hack appear to be the elderly and disabled. Many of them do lack the ability to protect themselves, not through apathy or ignorance, but because they are some of the most vulnerable people in our society. I think it’s important to approach these issues with compassion and understanding, rather than getting on your high horse and preaching to the choir.
Two things can be true at the same time:
- The solution is regulatory and perhaps even technological and standardization.
- This happens because people are dumb enough to implement and install unnecessary apps, more of us should consider what we’re doing.
That is certainly a take, but an app is just one attack surface for interacting with a service, and is not inherently secure or insecure; who you trust with your data is the far more relevant part here.
And that also doesn’t matter when you are forced to interact with a government service or essential utilities provider who then subsequently puts your data into the hands of the same high profit, low value shitware companies that have these agencies/organisations locked-in. What are you going to do then? Move to the woods?
No, it won’t stop until there is real accountability with teeth. Punish these fuckers for their incompetence with actual jail time for directors, otherwise fines are just the cost of doing business.
In the majority of cases the Apps are built or maintained by third parties who now additionally have access to your personal information, such was the case with a recent Railway travel app in Europe that revealed customers’ info and even Passport copies.
That is, among other things, why it is inherently a vulnerability.
In my area government services, medical processing, and utility companies can be managed either via website, phone, or in person. There has been a push lately for apps but I never sign off on any such disclosures and never use such apps. I would sue long before I considered it.
Your comment reeks of nihilistic defeatism.
Good for you.
Meanwhile, plenty of people have been affected.
Do you feel better about contributing nothing?



