With every data breach there is a victim.
While it may often ‘just' be a username, password or email address that is leaked, someone is bound to be affected. The announcement of a potential compromise of data could scare some more than others.
Well maybe a recent class action suite could cause someone to take action. In a report I read recently, around 80,000 people are seeking $40 million in compensation for their data lost by the Canadian Durham region on an unencrypted USB flash drive.
According to durhamregion.com, the data was personal information about people who had been vaccinated against the H1N1 flu virus. The class action suit was given the go-ahead by Justice Peter Lauwers of the Ontario Superior Court of Justice in late April, with Bowmanville resident John Sherlock Rowlands appointed as the 'representative' of the class.
It said that among the claims in the suit are that the region was negligent, there was a breach of a fiduciary duty, violation of privacy and breach of the Canadian Charter of Rights and Freedoms.
The USB key was lost in the parking lot of the regional headquarters by a public health nurse in December 2009. On the key was information on the 83,524 people who had been vaccinated between October 23rd and December 15th, 2009, at flu vaccination clinics provided by the regional health department.
The information included names, addresses, phone numbers, dates of birth, health card numbers, the name of a primary physician and personal health information provided when they got the vaccination.
Anders Kjellander, chief security officer at Blockmaster, said: “It is apparent that the loss of the data is catastrophic for everyone included; the person that lost the device, the organisation that has acted negligently and the people that had their information exposed, all are in a very painful situation.”