I havn’t shopped at Target in a long time (it’s too damned frustrating getting in and out of their parking lot) so I wasn’t affected.
But what I’d like to know is when the hell are retailers going to be forced to bear the full costs of their data breaches? Giving customers 10% off doesn’t cut the mustard.
The retailer or business involved should be required to provide free identity protection service that covers all costs (time & money) for anyone affected by the breach for a period of 10 years or something like that. And I mean THEY spend the hours on the phones with various companies, banks and whatnot, not the ID theft victim.
Until we have a business that is driven out of business complying with these requirements, there will be no incentive for proper security to be maintained.
I tried about 10 times to post a longer reply here but it won’t show up for some reason. I was trying to say something about there being no legal concept of “computer malpractice” although it’s been tried several times.