I’ve been known to get a tad snarky about breach notification letters that begin with how the breached entity takes the privacy and security of our information seriously. Sadly, that line seems to have become a pro forma part of breach notices.
Yesterday, though, I read a breach notification from Piedmont Advantage Credit Union about a missing laptop with customer information that just totally overdid the “we really do care” reassurances.
Above the body of the notification, it says:
Safeguarding your information is our utmost priority.
In the first paragraph, they write:
We take the privacy and safety of your information very seriously.
In the third paragraph, they write:
Please be assured that the privacy and security of your information is of the utmost priority…
And in the very next sentence, they write:
We are taking an approach of utmost caution…
I’m sure that there are people at PACU who really do care and are upset about the breach, but let’s keep in mind that most consumers have gotten a number of breach notices in the past two years and are getting cynical about such claims.
Would it really kill people to write:
“Well, we’re usually pretty good about protecting your data, but we seem to have fallen down this time and we’re really sorry. Here’s what happened and how we’re going to try to make things right with you…”
In the meantime, consumers should continue to respond to these claims of taking privacy and security seriously with the idiom, “I’m from Missouri. Show me.”