Following the news of PayPal’s discovery of a data breach in its recently-acquired TIO, with the data of 1.6 million customers stolen, STEALTHbits commented below.
Jonathan Sander, CTO at STEALTHbits Technologies:
“Announcements like PayPal’s about their acquired entity TIO being breached are going to become common – and that’s a good thing. In a sense, we are entering an era where only brands that are well trusted will be able to talk about security openly, the way PayPal has here. We all want companies to be honest about security, but at the same time we are collectively likely to punish small firms that have breaches before gaining a foothold of trust in our minds. PayPal knows it will actually come out ahead in the reputation calculus for telling us about the problems at TIO. But would we have given that same credit to TIO themselves? This is also a sign of larger companies learning from Uber that hiding things is no longer acceptable. PayPal has always been a very security first organization so it’s not surprising they decided to handle TIO’s incident this way. But others, looking at the possible hit to revenue from this action, may have chosen to follow Uber’s model of hiding things if possible.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.