I have helped organisations prepare for the worse with incident response and business continuity plans. I have however never suggested that post incident they should forcibly change their terms and conditions to avoid being sued!
Following a breach that has exposed the data nearly seven million users, 23andMe is doing just that.
What kind of personal data has been exposed? Well 23andMe is an online DNA testing organisation that offers a “Health +plus Ancestry Service” all from a bit of spit. Now that data must be sensitive…
Your takeaway
You need better plans than that.
Clive Catton MSc (Cyber Security) – by-line and other articles