Small Businesses Held Accountable for Data Breaches
Posted: August 9, 2018 to Cybersecurity.
Everyone hears about big the big data breaches, the ones involving retail giants or healthcare companies. Not as many people pay attention to smaller data breaches, however, despite the fact that there are a lot of vulnerable small businesses out there. Take two recent cases. The first involved Unixiz, a small business that ran a teen-focused website called i-Dressup. Following a 2016 data breach, the Attorney General of New Jersey fined the California-based company for violating the Children's Online Privacy Protection Act and the New Jersey Consumer Fraud Act to the tune of $98,618. The website has also been shut down in the aftermath. In another case, the Attorney General of Kansas fined Pearlie Mae's Compassion and Care LLC (also based in Kansas) $8,750 for violating a Kansas Consumer Protection Act. Notably, Pearlie Mae's was found not to have implemented and maintained reasonable procedures to protect personal information. In particular, they didn't securely destroy records with personal information. Whether it's $8,000 or $100,000, most small businesses would be in pretty big trouble facing such fines. In fact, companies are on pace to be fined over $100 million in 2018. It's estimated that such fines could be drastically reduced if a company can show a faithful attempt to implement and adhere to better data protection practices. How does your company stack up when it comes to data protection? If you're at all unsure, you need to get a security expert's take. Click here to schedule a free consultation. What have you got to lose? The answer: A lot of money if your company suffers a data breach.
