A Senate Commerce Committee interrogation of current and former executives at Equifax and Yahoo! revealed few answers about the data breaches that occurred at both companies. Both data breaches have been called the largest in history, with billions of consumers affected.
On Wednesday, the committee grilled executives, including former head of Yahoo! Marissa Mayer, about how the data breaches happened and who was responsible. Neither Mayer, nor Richard Smith of Equifax, were able to provide much information about the breaches.
The Yahoo! breach occurred in 2013, when hackers stole account information from three billion users. Mayer says that company was not aware of the breach until the U.S. government brought it to their attention in 2016. Yahoo! disclosed the breach in December of last year, but at the time, they said that only one billion accounts had been hacked.
Yahoo! suffered another cyberattack in 2014, when information was stolen from 500 million accounts.
Mayer, who resigned after Verizon bought Yahoo! in June, received a severance package worth $260 million. At the Senate hearing, she blamed Russian hackers for the 2014 breach, but said she did not know who was responsible for the 2013 breach. She was also unable to provide any details as to why it took the company three years to discover the 2013 breach, and why the company had grossly underestimated the number of stolen accounts.
While Mayer couldn’t provide many answers, she did express remorse. “As CEO, these thefts occurred during my tenure. I want to sincerely apologize to each and every one of our users,” she said during her testimony.
Some Senators, however, were unimpressed by the apology. Senator Brian Schatz (D-HI), said that it was “unfathomable” that Mayer could “harm consumers” then “walk away with the amount of money that a small city or county uses for their annual operating budget.”
Like Mayer, Equifax’s Richard Smith was also short on answers. Earlier this year, Equifax revealed that highly sensitive information from over 145.5 million users had been stolen. Because Equifax often gets data from third party users, many “customers” whose information was hacked were not even aware that Equifax had their information.
The company has been harshly criticized for waiting six weeks after finding out about the hack to disclose to customers, as well as for failing to install a much-needed security update that would have patched the vulnerability that hackers used to steal the data.
The executives, however, insisted that the breaches were the result not of negligence, but of increasingly “sophisticated” hacks. Mayer said that tech companies were engaged in an “arms race” against hackers, include state-sponsored agents, arguing that these hackers have “changed the playing field so dramatically” that “all companies, even the most well defended ones, could fall victim to these crimes.”
When asked if Yahoo! customers could expect their data to be safer in the future, chief privacy officer Karen Zacharia couldn’t say.
Big retailers are opting for refunds instead of returns
(BUSINESS NEWS) Due to increased shipping costs, big companies like Amazon and Walmart are opting to give out a refund rather than accepting small items returned.
The holidays are over, and now some people are ready to return an item that didn’t quite work out or wasn’t on their Christmas list. Whatever the reason, some retailers are giving customers a refund and letting them keep the product, too.
When Vancouver, Washington resident, Lorie Anderson, tried returning makeup from Target and batteries from Walmart she had purchased online, the retailers told her she could keep or donate the products. “They were inexpensive, and it wouldn’t make much financial sense to return them by mail,” said Ms. Anderson, 38. “It’s a hassle to pack up the box and drop it at the post office or UPS. This was one less thing I had to worry about.”
Amazon.com Inc., Walmart Inc., and other companies are changing the way they handle returns this year, according to a report by The Wall Street Journal (WSJ). The companies are using artificial intelligence (AI) to weigh the costs of processing physical returns versus just issuing a refund and having customers keep the item.
For instance, if it costs more to ship an inexpensive or larger item than it is to refund the purchase price, companies are giving customers a refund and telling them to keep the products also. Due to an increase in online shopping, it makes sense for companies to change how they manage returns.
Locus Robotics chief executive Rick Faulk told the Journal that the biggest expense when it comes to processing returns is shipping costs. “Returning to a store is significantly cheaper because the retailer can save the freight, which can run 15% to 20% of the cost,” Faulk said.
But, returning products to physical stores isn’t something a lot of people are wanting to do. According to the return processing firm Narvar, online returns increased by 70% in 2020. With people still hunkered down because of the pandemic, changing how to handle returns is a good thing for companies to consider to reduce shipping expenses.
While it might be nice to keep the makeup or batteries for free, don’t expect to return that new PS5 and get to keep it for free, too. According to WSJ, a Walmart spokesperson said the company lets someone keep a refunded item only if the company doesn’t plan on reselling it. And, besides taking the economic costs into consideration, the companies look at the customer’s purchase history as well.
Google workers have formed company’s first labor union
(BUSINESS NEWS) A number of Google employees have agreed to commit 1% of their salary to labor union dues to support employee activism and fight workplace discrimination.
On Monday morning, Google workers announced that they have formed a union with the support of the Communications Workers of America (CWA), the largest communications and media labor union in the U.S.
The new union, Alphabet Workers Union (AWU) was organized in secret for about a year and formed to support employee activism, and fight discrimination and unfairness in the workplace.
“From fighting the ‘real names’ policy, to opposing Project Maven, to protesting the egregious, multi-million dollar payouts that have been given to executives who’ve committed sexual harassment, we’ve seen first-hand that Alphabet responds when we act collectively. Our new union provides a sustainable structure to ensure that our shared values as Alphabet employees are respected even after the headlines fade,” stated Program Manager Nicki Anselmo in a press release.
AWU is the first union in the company’s history, and it is open to all employees and contractors at any Alphabet company in the United States and Canada. The cost of membership is 1% of an employee’s total compensation, and the money collected will be used to fund the union organization.
In a response to the announcement, Google’s Director of People Operations, Kara Silverstein, said, “We’ve always worked hard to create a supportive and rewarding workplace for our workforce. Of course, our employees have protected labor rights that we support. But as we’ve always done, we’ll continue engaging directly with all our employees.”
Unlike other labor unions, the AWU is considered a “Minority Union”. This means it doesn’t need formal recognition from the National Labor Relations Board. However, it also means Alphabet can’t be forced to meet the union’s demands until a majority of employees support it.
So far, the number of members in the union represents a very small portion of Google’s workforce, but it’s growing every day. When the news of the union was first announced on Monday, roughly 230 employees made up the union. Less than 24 hours later, there were 400 employees in the union, and now that number jumped to over 500 employees.
Unions among Silicon Valley’s tech giants are rare, but labor activism is slowly picking up speed, especially with more workers speaking out and organizing.
“The Alphabet Workers Union will be the structure that ensures Google workers can actively push for real changes at the company, from the kinds of contracts Google accepts to employee classification to wage and compensation issues. All issues relevant to Google as a workplace will be the purview of the union and its members,” stated the AWU in a press release.
Ticketmaster caught red-handed hacking, hit with major fines
(BUSINESS NEWS) Ticketmaster has agreed to pay $10 million to resolve criminal charges after hacking into a competitor’s network specifically to sabotage.
Live Nation’s Ticketmaster agreed to pay $10 million to resolve criminal charges after admitting to hacking into a competitor’s network and scheming to “choke off” the ticket seller company and “cut [victim company] off at the knees”.
Ticketmaster admitted hiring former employee, Stephen Mead, from startup rival CrowdSurge (which merged with Songkick) in 2013. In 2012, Mead signed a separation agreement to keep his previous company’s information confidential. When he joined Live Nation, Mead provided that confidential information to the former head of the Artist Services division, Zeeshan Zaidi, and other Ticketmaster employees. The hacking information shared with the company included usernames, passwords, data analytics, and other insider secrets.
“When employees walk out of one company and into another, it’s illegal for them to take proprietary information with them. Ticketmaster used stolen information to gain an advantage over its competition, and then promoted the employees who broke the law. This investigation is a perfect example of why these laws exist – to protect consumers from being cheated in what should be a fair market place,” said FBI Assistant Director-in-Charge Sweeney.
In January 2014, Mead gave a Ticketmaster executive multiple sets of login information to Toolboxes, the competitor’s password-protected app that provides real-time data about tickets sold through the company. Later, at an Artists Services Summit, Mead logged into a Toolbox and demonstrated the product to Live Nation and Ticketmaster employees. Information collected from the Toolboxes were used to “benchmark” Ticketmaster’s offerings against the competitor.
“Ticketmaster employees repeatedly – and illegally – accessed a competitor’s computers without authorization using stolen passwords to unlawfully collect business intelligence,” said Acting U.S. Attorney DuCharme in a statement. “Further, Ticketmaster’s employees brazenly held a division-wide ‘summit’ at which the stolen passwords were used to access the victim company’s computers, as if that were an appropriate business tactic.”
The hacking violations were first reported in 2017 when CrowdSurge sued Live Nation for antitrust violations. A spokesperson told The Verge, “Ticketmaster terminated both Zaidi and Mead in 2017, after their conduct came to light. Their actions violated our corporate policies and were inconsistent with our values. We are pleased that this matter is now resolved.”
To resolve the case, Ticketmaster will pay a $10 million criminal penalty, create a compliance and ethics program, and report to the United States Attorney’s Office annually during a three-year term. If the agreement is breached, Ticketmaster will be charged with: “One count of conspiracy to commit computer intrusions, one count of computer intrusion for commercial advantage, one count of computer intrusion in furtherance of fraud, one count of wire fraud conspiracy and one count of wire fraud.”
Business Marketing1 week ago
Free shipping is everywhere… how can small businesses keep up?
Business Marketing1 week ago
Why you must nix MLM experience from your resume
Business Marketing1 week ago
How many hours of the work week are actually efficient?
Opinion Editorials1 week ago
The truth about unemployment from someone who’s been through it
Tech News1 week ago
Star Citizen: A cautionary tale of Kickstarter and crowdfunding
Opinion Editorials1 day ago
Ways to socialize safely during quarantine
Business Finance3 days ago
Is the convenience of payment apps worth the risk of fraud?
Opinion Editorials2 weeks ago
5 insights into building a culture with your remote teams