- SOLUTIONS & SERVICES
As we have discussed in a previous blog post about Sony, the consequences of a data breach reach beyond the initial loss of data. The latest company to experience this is Arby's.
They have announced that their point-of-sale system had been compromised by intruders from October 2016 to January 2017. In total, 335,000 customers had their credit and debit card information exposed at over 1,000 Arby's locations.
Almost immediately after the announcement, Arby's has been hit with multiple class action lawsuits. One is being led by affected customers, while another was filed by four credit unions and the Michigan Credit Union League. The credit unions are seeking damages related to the cost of canceling and reissuing cards, changing or closing accounts, and notifying members of the breach. Both suits allege that Arby's had lax security practices, which led to the breach.
We posted a blog earlier this week discussing how information governance affects overall information security and that applies directly in this case. While Arby's clearly had some external security vulnerabilities, they could have mitigated some of the damage with effective information governance practices.
It is always superior to have a proactive approach to your data. Once a breach or violation happens, it is too late, the damage is already done.
There is already a lot of research available about the benefits of Information Governance. I have included a list below of some of the most relevant benefits.
We recently held a webinar to further break down how cleaning up your data and committing to an information governance program reduces compliance risk. CLICK HERE for the link to the recording and slides of that presentation.
Once you have cleaned up that legacy ROT data and created a process for moving forward, the course corrections and adjustments in the future are exponentially easier. The key is laying down that essential groundwork. IG improves every function of your enterprise related to information, from eDiscovery and legal holds to email.