GCN’s William Jackson discusses the ethical aspects of the breach at credit card-processor Heartland Payment Systems.

The Privacy Watch blog at PC World points out that the public notification was probably due to state data breach notification laws.  Similar laws now exist in 44 states.  Associate Editor Erik Larkin does not believe these laws are effective enough and would like tougher penalties:

No matter how careful we are in protecting our identities, the vast majority of our sensitive data is held by companies over which we have no control. Those companies need the right incentive–or threat–to care about our data as much as we do.

On the other hand, a class-action lawsuit was filed just one week after the public notification - probably only the beginning of Heartland’s legal troubles.

Data Security, Financial