BrianKrebs on Nostr: We have laws that say companies have to disclose a breach when it involves the theft ...
We have laws that say companies have to disclose a breach when it involves the theft or disclosure of certain information. But AFAICT none of those laws say companies have to disclose the issue on their homepage somewhere. Even with breaches that are going to require all of the victim's customers to do IT gymnastics for several days to mitigate the threat.
Day 5 of Sisense's epic ownage and still crickets about the issue on their homepage.
https://krebsonsecurity.com/2024/04/why-cisa-is-warning-cisos-about-a-breach-at-sisense/Published at
2024-04-15 16:28:10Event JSON
{
"id": "d9346a426abaaf6f5620fe4337be7e86893fc948d9bf213f0f6b2645092779ca",
"pubkey": "1a5ac5b37984c5e37a11bc914029a81f025326ea7950c9475d9a3f21a494cb56",
"created_at": 1713198490,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/briankrebs/statuses/112276176283331548",
"activitypub"
]
],
"content": "We have laws that say companies have to disclose a breach when it involves the theft or disclosure of certain information. But AFAICT none of those laws say companies have to disclose the issue on their homepage somewhere. Even with breaches that are going to require all of the victim's customers to do IT gymnastics for several days to mitigate the threat.\n\nDay 5 of Sisense's epic ownage and still crickets about the issue on their homepage.\n\nhttps://krebsonsecurity.com/2024/04/why-cisa-is-warning-cisos-about-a-breach-at-sisense/",
"sig": "9f3f747991af6bb256035cb7a956836d5b815a4c830eb3d9bf29827364350959f1727caf913f9a006b67f6392b0941a32d7340fa7fff2b1a43c776921fbd51ac"
}
