Ticketmaster breach, beaches in general

cmeu@lemmy.world to No Stupid Questions@lemmy.world – 119 points –

So I got a notice from Ticketmaster that my identity was accessed by an intruder and my name, contact info and /encrypted/ payment info was compromised. These notices are more and more common. Why aren't companies accountable for damages when they fail to protect all the myriad data they collect on people without consent? I never asked them to store these things..

24

You have the option to sue or join a class action lawsuit - there is currently a class action lawsuit. If that interests you (and it should) be careful not to agree to anything with Ticketmaster.

The chances of you personally recovering much compensation unless you can show real personal damages and pursue Ticketmaster in an individual lawsuit.

Class action lawsuits never work because they plea deal into some shitty number that does no damage.

Class action lawsuits are very rarely lucrative for the harmed party but they often result in sizeable penalties for companies. They're essentially just punitive.

We take the protection of your personal information very seriously

Fuck, I loathe this corporate bullshit phrase. Obviously you didn't take it serious enough, now did you? For some reason this phrase really grinds my gears. Fair enough that you had a data breach and so on, but don't brush off the issue like this...

We take the protection of your personal information very seriously (now that we were caught out).

It’s the fucking robotic phrasing that doesn’t mean anything. It’s like when you read an article about some crazy bad thing a company did and the company is asked to make a statement, it’s always “we follow all applicable laws” or some version of “we didn’t do it.”

Why aren't companies accountable for damages

Whatcha gonna do about it...

That's why

I mean, if we genuinely had a significant amount of local, state and federal law makers that cared about protecting their constituents instead of whatever the fuck they are doing now, we could have some accountability.

Their "constituents" are the corporations paying their bills. When was the last time you bought a politician?

If my auntie had a dick, she would be uncle

Your Ticketmaster questions have been sufficiently answered, I think.

What did you want to know about beaches in general?

Same question - why aren't businesses responsible for maintaining enough security, with damages due for those whose information they misplace.

Was it a stupid question?

You asked about beaches, so are you interested in how they form geologically, which ones are good for surfing, or just looking for a sunbathing destination?

The person you replied to was joking based on your typo.

I had no idea I even did that. I read it several times and in my head it was britches the whole time

As the other commenter mentioned, it was a joke based on the typo in the title, haha

I've come to the conclusion that all these breach notices and the free stuff they offer for X months is a huge scam to get you sign up up for something. Either that, or every company has woefully underpaid/incompetent IT people. I'm waiting for the next news story to break on another company that somehow got passwords or identity info hacked that was stored in plain text...something I learned how to not do back in the 90s with basic HTML and PHP.

In short - I don't believe them. They all are using the same form letters, it's a scheme that they're all in on.

Either that, or every company has woefully underpaid/incompetent IT people

It's this one. Cox Communications, one of the largest telecommunications companies in the US with $11 billion in revenue, recently patched a bug on their self-serve portal that allowed anyone to access any customer's profile. The bug was that server requests weren't being authenticated. If you entered the right info into the URL bar you'd be given a page with anyone's customer info. No login needed.

I doubt they are that rookie about it...

But I do suspect a lot of these "breaches" are inside jobs though.

At the rate they are happening, nobody is held accountable... This is a good value proposition for an enterprising hard working person...

You can not believe them all you want. It doesn't magically make everyone competent.

Businesses value MONEY first, not security, not happy customers, not competent staff. MONEY.

Which is cheaper? Get a product working enough to sell. Get a product properly developed, secured, and audited.

Pick one. Hint: corporations choose MONEY. Every time.

Your data is not safe, because rich pieces of shit like MONEY more than they like YOU.