* data breaches are very easily hidden: literally anyone can walk out with a usb drive loaded with information, or download the data off an unsecured/unlogged server without a trace
* it's hard to prove: I mean, companies aren't exactly offering their logs up for public inspection
* the system is built for allowing shadiness: not sure how to quantify this one but there's definitely a problem of attribution when it comes to who did it, especially when there's multiple data brokers involved.
You read hearsay saying that company X has suffered a data breach. The company denies this. Do you give them the benefit of the doubt, or do you assume they're guilty?
* data breaches are very easily hidden: literally anyone can walk out with a usb drive loaded with information, or download the data off an unsecured/unlogged server without a trace
* it's hard to prove: I mean, companies aren't exactly offering their logs up for public inspection
* the system is built for allowing shadiness: not sure how to quantify this one but there's definitely a problem of attribution when it comes to who did it, especially when there's multiple data brokers involved.
You read hearsay saying that company X has suffered a data breach. The company denies this. Do you give them the benefit of the doubt, or do you assume they're guilty?