LexisNexis, the data broker that last month notified 32,000 people that their personal data had been stolen from company-owned databases, now
admits that a total of 310,000 people had their data stolen. The company’s databases were breached nearly 60 times over the course of the
past two years. At Senate Judiciary Committee hearings last week, both LexisNexis and ChoicePoint admitted to having deliberately concealed data breaches in the past because no law required them to come forward and notify those affected.
http://www.reuters.com/newsArticle.jhtml?storyID=8159934
http://www.theregister.co.uk/2005/04/14/privacy_invasion_is_good_for_you/print.html
maybe just requiring notice isn’t enough.
maybe the laws should penalise companies for not keeping the data secure.
