On Wed, Apr 11, 2012 at 8:02 AM, Jeffrey Walton <[email protected]> wrote:
> On Wed, Apr 11, 2012 at 1:22 AM, Kevin W. Wall <[email protected]> wrote:
>> On Tue, Apr 3, 2012 at 9:35 AM, ianG <[email protected]> wrote:
>>>
>>> [Big SNIP]
>>>
>>
>> The big risk in having CCs or banking info stolen is the subsequent
>> (usually class action) lawsuits that usually follow. So these things are
>> done as part of following industry "best practice", in which case you can
>> at least claim that you've done due diligence and if you lose, at least the
>> claimants in the lawsuit are awarded treble damages.
> Rarely (if ever) happens. Judges usually don't certify the suit
> because claimants cannot demonstrate loss.
"Empirical Analysis of Data Breach Litigation,"
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1986461.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
