Following the news that that high-end retailer Nordstrom is in the process of notifying its employees their data may have been compromised in a breach, please see below comments from Martin Jartelius, CSO of Outpost24.
Martin Jartelius, CSO at Outpost24:
There is also a considerable amount of time which has passed from the detection of the breach to the information being made available to potential victims. Taking into account the data which was exposed, waiting over a month to notify employees is very significant.
This is also a good example of why GDPR is of importance to us all. We may not be protected from those recurring breaches, but customers and end users have a right to know when companies have failed to meet their obligation to protect our information.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.