Experts On Vistaprint Database Breach

Security researchers have identified an exposed database belonging to online printing giant Vistaprint. A spokesperson from Vistaprint has confirmed that the unencrypted database exposed data from customers in the US, UK and Ireland.

Expert Comments

November 27, 2019
Anurag Kahol
CTO
Bitglass
“Regardless of the number of individuals affected, the type of information exposed leaves Vistaprint's customers vulnerable to identity theft and fraudulent activity. The number of those affected will have an impact on repercussions Vistaprint may face from data privacy regulation fines. With GDPR in full effect, we’re beginning to see massive fines levied against companies and CCPA is set to take effect in January 2020 which calls for fines ‘...not less than $100 and not greater than $750 per consumer per incident or actual damages, whichever is greater.’ While there might be less damage control, the information is still readily available on the dark web.”
November 27, 2019
Stephen Gailey
Head of Solutions Architecture
Exabeam
“One of the key pillars of capitalism is that companies do what is right, because doing the wrong thing costs them money and their shareholders react by changing the board. But what happens then when boards fail to understand even the most simple of Information Security principles and worse, when the shareholder organisations are similarly ill-equipped to understand the risks? Presumably, national Information Commissioners will continue to fine these organisations until either they learn, or eventually a younger, more security-savvy generation of executives take over. In the meantime, we can all expect to have to replace our credit cards semi-annually and ensure we’re signed up to credit check agencies. National governments stand to make a small fortune from these fines, but little of that is likely to come back to the individual victims of data theft. We have a long road ahead of us and I have yet to discern the faintest glimmer of light at the end of the tunnel.”