In the above cases of personal data leakage in 2022, those responsible for the incidents were not identified. Accordingly, they were not punished.
Companies that experienced a major leak of personal data openly took steps to "hush up" the incident. Only one case was reported to law enforcement. Internal investigations initiated by the guilty companies were not completed or their results were hidden from the public. Measures to prevent leaks of personal data in the future were not taken. This led to the fact that in a number of companies such incidents were repeated repeatedly.
The companies were not punished. A fine of 60 thousand rubles for leaking personal data during turnover transactions with six-figure sums seems imperceptible. At the same time, many las vegas email list people who suffered as a result of such incidents filed lawsuits in court to compensate for the damage incurred. The position of the applicants in these cases looks losing, since in order to compensate for the damages caused by the attackers, evidence of a direct cause-and-effect relationship between the fact of information leakage and fraudulent actions is needed. In practice, it is impossible to prove this, and the amount of compensation for moral damages is usually minimal.
How to achieve multiple growth in traffic and sales from your website?
Alexey Boyarkin
Dmitry Svistunov
Head of SEO and Development
Read more posts on my personal blog:
I have always been concerned about the issue of moving to a fundamentally new level. So that the indicators would grow not by 2 or 3 times, but by several orders of magnitude. From a thousand visits to ten thousand or from ten thousand to a hundred thousand, if we are talking about a website, for example.
And I know that such leaps are always the result of painstaking work in five areas:
Technical condition of the site.
SEO.
Collection of site semantics.
Creating useful content.
Working on conversion.
And at the same time, every manager needs an increase in sales and the number of applications from the site at the moment.
To get this growth, download our step-by-step template for increasing sales from the site:
Download template
Already downloaded
153438
How to secure your clients' personal data
In order to protect personal information, not only operators must strictly fulfill their legally prescribed obligations, but also its subjects must exercise reasonable care. The former must strictly comply with the requirements specified in government regulations and regulations of the FSTEC of Russia. These documents define the parameters of technical means that ensure the protection of personal data from leaks.
Basic requirements for operators' actions
Use of firewalls that make it difficult to access information databases.
Implementation of a system for checking and confirming the identity of employees who have been granted access to data.
Recording all actions of data processing specialists in logs. This allows us to understand what actions they performed with information that is protected by law.
Using antivirus software.
Implementation of cryptographic methods for encrypting information during its storage and transmission.
Implementation of measures and use of various methods aimed at preventing data leakage through physical channels (for example, by photographing a PC monitor, recording audio information or intercepting electromagnetic radiation).
Data protection for large companies
Source: shutterstock.com
The measures to prevent information leaks described above are quite expensive, but they have already been implemented in most government organizations and large companies.
The problem remains at the level of small businesses that provide services to citizens. Such firms are not always registered as operators, and therefore are not controlled by Roskomnadzor. If they decide to take such a step, then the implementation of a technical information protection system may prove to be an unbearable financial burden for such businesses. In this regard, citizens should be vigilant when choosing a service provider and in the process of working with them.