Yesterday I received a mailed notice from Monster.com, stating that their database had been compromised, including my contact information. Fortunately I had not provided them with any information that I consider sensitive.
Given how many such cases of personal data theft or loss are reported, I wonder how many are covered up, and how many go undetected?
While I don’t have any ill will toward Monster.com, I think the only thing that would significantly reduce the number of cases of this nature would be to hold parties that collect personal data criminally liable for any misuse, loss, or theft of the data, with statutory damages. As long as companies have only minimal liability for data theft, they are not going to take adequate precautions to prevent it.