Accountability is for Suckers, Apparently

Background

First, for context, this is required reading: Data breach exposes 1.6 million Washington state residents who filed unemployment claims in 2020 — GeekWire

My Thought Process

When I originally saw that article, my first reaction from the gut was anger. The 1.6M people who had been dealt a bad hand by having to go for unemployment just got screwed a second time. That’s just salt and lime juice in the wound. Then, came the blame see-saw. As I mulled this over in my head, I took to LinkedIn to run a quick poll just to see what you all thought. For reference, the results are here: https://www.linkedin.com/posts/rmlos_security-cybersecurity-breach-activity-6762476500039065600-_6-K

The Lesson to Learn

Seems like there is enough blame to go ‘round here. The sad fact is that there are finger-pointing and little accountability for what is undoubtedly a catastrophic loss of highly sensitive data. People who are already hurting will get hurt further if their identities are stolen. “Credit Monitoring” isn’t good enough. Not even close. These 1.6M people should have identity theft insurance purchased for them for ~10yrs. It’s high time the industry recognizes “credit monitoring” is as useful to an identity theft victim as that parasol was to Wiley E. Coyote as the boulder crushed him. It’s infuriating as a victim to be told “sorry we screwed up, here’s a consolation prize that’s near as useless to you.”

Updates

Apparently — the lawsuits have started

I’m Rafal, and I’m a 20+ year veteran of the Cyber Security and technology space. I tend to think with a wide-angle lens, and am unapologetically no-bullsh*t.