If you are in the field of cyber security, you probably have heard that leaders of organizations are responsible for protecting customer date. You may have heard that could be fines and jail time. The Uber situation is a real-world example of this occurring. In short, Uber experienced a breach that exposed customer data to malicious parties. Uber’s Chief Security Officer was legally required to inform all impacted parties but did not representing a cover up. As a result, he has two charges against him and could face up to 8 years in prison.
The good news for consumers is that the government is taking data protection seriously. The bad news for organizations is that they need to take information protection and discloser seriously or leadership responsible for such data will be liable for some heavy fines and jail time.
The Hackernews posted details about this found HERE. I won’t be surprised if security consultants reference this situation when advising organizations on how to protect their data.