Best and worst data breach responses highlight the do’s and don’ts of IR

Block allowed an ex-employee to access sensitive Cash App customer data, resulting in a breach which it didn’t disclose for four months, while the International Committee of the Red Cross responded quickly and transparently to a cyberattack. Similarly, LastPass failed to secure customer data and its initial assurances turned out to be wrong, while Rackspace reacted swiftly to a ransomware attack, even exiting its hosted Exchange business. Also, Zacks Investment Research took a month to notify customers about a nine-month data breach.