Quote:
Originally Posted by Alexander Turcic
I disagree. At the moment they discovered someone attempted to hack their server(s) they could not have known the extend of the hack. Likewise, they could not have ruled out that any customer-sensitive information leaked out. Had I been a customer, I would have insisted in being notified immediately of the potential thread that someone illegally obtained my personal information (which may have included sensitive data such as my credit card number).
|
Maybe the CC info was stored on another server that wasn't hacked into and knowing that was safe, didn't feel the need to tell everyone till they fixed the underlying problem. Just guessing here at the moment.