Capital One suffered a data breach. Its explanation of how many and which customers were affected is quite confusing — and it has an odd obsession with reporting on what wasn’t stolen rather than what was. According its About page: “Capital One is . . . serving approximately 45 million customer accounts.” So how many…
Somebody posted a database of 49 million Instagram influencers where anyone could see it. This event says more about the stupidity of the term “influencer” than it does about breaches and leaks. According to TechCrunch, the database originated with Mumbai-based Chtrbox, a marketing firm that pays influencers to post things. Each record included the number…
Twitter screwed up and wrote everybody’s passwords to a file in plaintext. Then (of course) they apologized. Can we do better with these apologies? And what’s the fallout from this incident? Here’s an analysis and a conversation with Crisis Communication expert Melissa Agnes, author of Crisis Ready. This is getting routine. And that’s the problem. At…
Hackers stole information on 600,000 Uber drivers and 57 million riders in 2016. The company paid $100,000 to the hackers to delete the data, but didn’t inform the affected people until now. New Uber CEO Dara Khosrowshahi’s remorseful apology is far clearer than Uber’s past statements, but never mentions the ransom. These are the facts,…
Thieves “potentially” made off with 143 million consumer records from credit reporting company Equifax. This is the worst data breach ever. The Equifax response is full of vague cover-your-ass statements at the exact moment when consumers most need accurate information. This is not the largest data breach ever — Yahoo lost data on 1 billion…
The quick polling app Wishbone, popular with teenagers, lost 2 million of its users’ email addresses and 287,000 phone numbers. Then it posted no apology — just a “no big deal” email to its users. Most of the apologies I critique are too defensive or company-centric, but I’ve never before seen one that’s basically says,…
Dropbox got hacked a while back. So the company emailed affected users — and hid the news. Burying the lede* is counterproductive; it just makes people work harder to find out the truth. Good writers get to the bad news quickly and frankly, then move on. Here’s what happened: In 2012, somebody stole 68 million Dropbox usernames and…