Data Breaches And Another Push to Migrate to Cloud?

The second largest data breaches reported in November that Marriott’s Starwood reservation system has been breached since 2014, affecting up to 500 million guests.

A few days later, another major breach was reported – Quora users’ account info and private chats were exposed, affecting around 100 million people.

While the largest hack in history involved around 3 billion accounts of Yahoo in 2013, Marriott’s will probably have the most “impact” as it not only involves usernames, emails, passwords, etc. (as in the case of Yahoo/Quora), but also includes passport info and date of birth among others. The latter two kinds are more personal and sensitive and could be combined to get access to many other things.

Thought One

This is just another reason why companies should move (at least part of) their info system to cloud services providers like Amazon, Microsoft and Google.

Technically, those companies have much better security expertise and do provide an edge in protecting users from those breaches.

And for corporate executives, the data security and related issues are outsourced and liabilities are kinda transferred. Media and users might focus more on why tech companies could be breached. (so how did FB data get hacked?)

Thought Two

It seems that most advices on breaches include change password, double-check card transactions and credit reports, freeze your cards… All about what customers should put extra efforts on themselves.

But I thought users should be reimbursed for their trust being failed. Corporates should take more responsibilities and be forced to provide appropriate remedies; otherwise every company could just save money and let those breaches happen again, when
prob(breach) * loss on breach(including remedies, future loss business, etc.) < cost of good data protection

While financial institutions would take some financial damage in those breaches for users, the identity damage might be hard to recover.

Much more efforts should be beforehand in protecting data. Or it’s not only a full network of tracing, but also a future fake network of people.


Read More On