Half a billion Facebook users experienced a breach of privacy via the social network through hacker activity. Names, birth dates, phone numbers, email addresses, and locations became accessible when posted by the hackers and appeared to be a few years old. Though the disclosure of the information mentioned above may not pose a severe risk to people’s general privacy, a data breach concerning an insurance company, Health Net, could have ended with detrimental results. The same release of names and birthdates led to the exposure of insurance numbers, and Health Net did not report the violation until two months after it occurred. The hack was tied to a third-party vendor, Accellion, in January while policyholders were notified in March. Health Net proceeded to state that there was no reason to believe that the leaked personal information was handled incorrectly, though there is evidence suggesting the company simply was unable to track whether harm, defraud, or other malicious acts were committed.
The company provided policyholders with a year of free credit supervision and theft insurance but did not address the previous breach with other policy adjustments or investigations. Additionally, in the case of any harm caused to the policyholders, Health Net was not held accountable. The two situations sparked further investment in a discussion concerning online privacy and the lack of government involvement and policy that is currently making users and policyholders vulnerable. Certain individuals suggested creating non-ambiguous, clear, and strict rules concerning data collection and storage, both within commercial and federal sectors through national privacy laws.
- While the current data collection benefits large companies like Facebook, is its use worth the potential vulnerability of the users?
- In the case of a definite national law regarding privacy, how much responsibility should companies bear in situations of data breaches and hacking?
Reference
Lazarus, David. “Facebook and Health Net Hacks Drive Home the Need for a National Privacy Law.” The Los Angeles Times, 2021.