It seems data breaches are NOT a thing of the past and are occurring more frequently. In a recent article by Tracey Kitten of Bank Info Security, the speculated end goal of a breach is for hackers to collect PII (Personable Identifiable Information). This information can ultimately be used to steal a person’s identity, overtake bank accounts, and even spy on corporations and government. When enough PII is collected, hackers will try to infiltrate the systems and networks with phishing attacks.
Notifying customers of a data breach should not be a burden because after all, they are a company’s assets. The notification process should already be part of a company’s data breach response strategy, if best practices were followed in developing a response strategy. A data breach is costly to the bottom line and also to the reputation of the company. Having a customer find out on their own that their information has been compromised will not sit well with them or the public eye. How your company wants to notify customers is all up to you but it should definitely not be burden to let the affected know firsthand.
However, the best defense is to do everything to prevent the breach.