Another day, another massive data hack:
Capital One, the Virginia-based bank with a popular credit card business, announced Monday that a hacker had accessed about 100 million credit card applications, and investigators say thousands of Social Security and bank account numbers were also taken….The hack appears to be one of the largest data breaches ever to hit a financial services firm. In 2017, the credit-reporting company Equifax disclosed that hackers had stolen the personal information of 147 million people. Last week, it reached a $700 million settlement with U.S. regulators over that breach.
You know what would put a stop to this? Put in place statutory damages for every personal record hacked. No excuses, no safe harbors. If you lose the records, you pay. I’ll be nice and suggest $100 per record.
I’ll tell you this: if Capital One had to pay $10 billion because of this hack, they’d take security a helluva lot more seriously. What measures would they put in place? I don’t know, but I know that after an endless pity party about how this would be totally unfair and there was nothing they could do and it would put them out of business—well, then they’d magically figure something out. That’s always how it works.