This week's perspective from Bob Reid: We were dismayed to read about yet another theft of private customer data this week, when The Toronto Star broke the news that personal information on 283,000 Honda Canada customers had been stolen in a security breach. The Star obtained a letter that the company had sent out to affected customers on May 13, alerting them to the breach and warning of “possible improper access of information.” The theft involved names, addresses and vehicle identification numbers, not financial information, and Honda assured customers that they were not at direct risk of fraud or identity theft. Fair enough, we suppose. But why did this problem take so long to get to the media? Maybe it seemed prudent to try to avoid wider exposure. But following on the heels of Sony Corporation’s embarrassing series of security breaches, in which delay to disclose was a real reputational issue, we wonder why Honda Canada would not have simply released the information to the press and be seen as staying out in front of the problem. In fact, it seems to us that this was a situation where the media could have been useful in letting affected customers know about the breach. More to the point, waiting for the media to “obtain” a letter to customers makes it look like you’re trying to hide a problem rather than acknowledge it. And with nearly 300,000 letters circulating out there in the community, what are the odds that one of them wouldn’t end up in the hands of a reporter?
0 comments:
Post a Comment