An e-commerce site exposed customer's names, addresses, email accounts, credit card information, AND passwords for over six months. When this was discovered back in November, it took up until this week to secure the information.
Our businesses rely on our customers. They trust us with the services we provide. They also trust us to keep information about them secure. Too many companies are worried about customer acquisition and keeping current people, that they forget to lock down and audit their environment regularly. What was setup a year ago and tested may not have been patched or updated. New coding by a programmer may have involuntarily exposed sensitive data or allowed malicious activity inside a business. When the trust is broken between customer and business, it is not long before the company suffers long term damage that kills revenue and may very well kill the business outright.
Even if you are not storing credit card information on a server, there is potential that your financial, IP, or other sensitive data may be out there for the plucking. Are you 100% certain your IT is keeping you from showing your private files on the internet?
More on the leak: