Access governance control failure leads to data loss & lawsuit

Interesting to see what may be the beginnings of a consumer legal groundswell around data breaches that lead to identity theft.  While many organizations haven’t felt the wrath of customers taking action against them for the loss of personally identifiable information, that may now be changing as evident by this recent Dark Reading coverage of the class action lawsuit of Countrywide Financial.  The importance of implementing good access governance controls should be of paramount importance, especially for business-to-consumer organizations.  This clearly demonstrates that organizations need to think about how they better manage the business risks associated with providing access to sensitive information resources as what’s at stake is more than just a loss of consumer data, customer trust and reputation - the legal risks and operational costs are going to be substantially higher moving forward.

http://www.darkreading.com/database_security/security/privacy/showArticle.jhtml?articleID=224201969&cid=nl_DR_DAILY_2010-04-08_h