Security News > 2022 > December > How companies time data leak disclosures
Every year the personal data of millions of people, such as passwords, credit card details, or health details, fall into the hands of unauthorized persons through hacking or data processing errors by companies.
In the EU, any data leak that may result in risks for the concerned individuals must be reported within 72 hours.
The researchers identified the time of disclosure of more than 8,000 data leaks of publicly traded US companies between 2008 and 2018, using information obtained from the non-profit organization Identity Theft Resource Center.
There was a particularly strong correlation between the general news situation and the disclosure date in case of serious data breaches caused by internal negligence or errors and in case of leaks of health information or personal identity data.
"On heavy news days, both newsrooms and analysts have to prioritize the information they pick up. Our results suggest that companies strategically schedule the disclosure of data leaks and deliberately target times when the announcement will receive less attention," says Foerderer.
"Companies that bury their data handling mistakes under other news thus avoid public pressure for them and other companies to take stronger measures against data breaches," says Sebastian Schuetz.
News URL
https://www.helpnetsecurity.com/2022/12/05/data-leak-disclosure/
Related news
- 5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage (source)
- Pokemon dev Game Freak confirms breach after stolen data leaks online (source)
- Troubled US insurance giant hit by extortion after data leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- Ford investgates alleged breach following customer data leak (source)
- Ford investigates alleged breach following customer data leak (source)