Everyone seems to be talking about the horrible gaff that AOL made by making some of their member’s search histories available online. While I don’t think that this endangered anyones “secret” info (ss#, bank accounts, etc.) it’s still not cool….
Something like this is bound to happen eventually in any company that deals with data. The question is, how bad with the leak be, and will you learn from the experience?
Over a decade ago, while working for Ticketmaster, we realized that we had a problem. A disgruntled box office employee of a client (a venue or a promoter (someone that has tickets to sell), a customer is a buyer of tickets) printed out a couple thousand customer accounts (of that one client, think mailing list but with credit card numbers…) and quit and walked out!
First, let me say that this is the perfect example of “your most vulnerable from the inside!” Secondly, there was no idea what was going to be done with the list. It was just kind of “noticed” that the list had credit card numbers…. While Ticketmaster had absolutely nothing to do with it, we pointed this out to the client and quickly solved it.
The system was changed so that once a credit card went in, you never saw anything again except for a couple of digits, so you could see that it was “that” card… you know, when picking up your tickets for the Stones at will-call…. But the point is, all the other credit card functions work as they should, you just don’t get to see any numbers – EVER!
Sure, there are always ways around every system of locks, but I think that AOL is deserving in their lax security for this data. Ticketmaster saw that data was so fragile (and it wasn’t even theirs) over a decade ago, that they put in measures to make sure that not only they, but their clients are protected :o)!