And once again, we see why incident response is so important to reputation management. CBC reports:
When Montrealer Hamid Shirdastian alerted tech company HP Inc. to a possible scam earlier this month, the company admitted to him it had been hacked, he told CBC — and then asked him for $100 to try to fix the problem.
“I think it was a completely wrong way to handle the case. It’s really annoying that they knew they’d been hacked, but they wouldn’t do anything to make it better,” said Shirdastian, a PhD student in business administration at Concordia University.
Read more on CBC, who were unable to get HP to respond to reasonable and specific questions as to what happened, how many were affected, and why HP wasn’t directly notifying customers.
I did a bit of searching on HP’s web site but did not see any breach notification posted there or linked from their home page. If anyone spots it, please let me know. This may turn out to be no huge deal in terms of personal information but if scammers had customers’ phone numbers and details on what HP product they owned, there is cause for concern about scamming and customers need to be warned.