I Was Wrong
I’ve had a conversation recently with a CSO about breach disclosure. His shop had screwed up and exposed, well, an awful lot of social security numbers. They feel really bad about it, and they don’t think anyone will really be hurt.
Gosh darn it, he was really sincere.
So I take it back. We should let the people who’ve screwed up
compound their errors so that they don’t suffer embarrassment.