We don't usually comment about data breaches, after all, it's as if there is a new one each day and there are plenty of cyber security commentators who keep us all up to date. However, we're writing about this one as it was a company operating partially as an email validator that has exposed the data.
Cyber experts are trying to work out how the data that was exposed in a password-free database was gathered. Nobody knows the answer to that yet and the company hasn't issued a statement.
Over the years we've seen companies come and go in our sector, as they realise that to successfully validate data they need to have software engineers with a broad scope, and resources to ensure no shortcuts with security and infrastructure investment.
We're appalled at what were obviously lax security practises. The reason we're writing about this is to say; 'please don't be tempted to choose a data partner based on price or easy promises'. Look for the ISO 27001 accreditation. Choose partners that are data security accredited with credentials that can be proven. Take time to ask about any security areas and expect to receive comprehensive answers.
Our security processes are regularly tested, we've just received our renewal and extension of our ISO 27001 accreditation and we don't store your data.
If you'd like to chat with us about our security processes and systems, please get in touch with our Data Protection Officer. firstname.lastname@example.org