Despite Decades of Hacking Attacks, Companies Leave Vast Amounts of Sensitive Data Unprotected

Consider some of the episodes last year in which large quantities of personal data were stolen: 300 million customer and device records for users of a service that’s supposed to shield internet traffic from prying eyes; a 17.6-million-row database from a second organization, containing profiles of people who participated in its market research surveys; 59 million email addresses and other personal data lifted from a third company. These sorts of numbers barely raise an eyebrow these days; none of the incidents generated major press coverage.
Cybertheft conjures images of high-tech missions, with sophisticated hackers penetrating...