News Insights: Delta Sues Chatbot Vendor Faulted for Data Breach

Off Cyber Policy in the News,

Delta Sues Chatbot Vendor Faulted for Data Breach

Delta Air Lines is suing a vendor of customer service technology, [24]7.ai, for a breach of passenger data. The airline alleges the company had a weak Delta Air Lines is suing a tech vendor, [24]7.ai, for a breach of data affecting 825,000 passengers.

READ FULL ARTICLE: Delta Sues Chatbot Vendor Faulted for Data Breach

 

News Insights:

Gary Roboff, Senior Advisor, Shared Assessments  said, “What’s particularly interesting about this situation is that Delta seems to have had contract provisions (“adequate security, including encryption” according to the article) and had its provider sign a GDPR compliance addendum in February 2018 requiring immediate breach notification, five months before notifying Delta about the breach. Delta says its vendor was aware of the breach when it signed that agreement. That said, if Delta actually used the words “adequate security” instead of defining more precisely what good security hygiene means, that could be a problem.”

About The Author

Hugh Taylor is a Certified Information Security Manager (CISM). In addition to editing Journal of Cyber Policy, he writes about cybersecurity, compliance and enterprise technology for such clients as Microsoft, IBM, SAP, HPE, Oracle, Google and Advanced Micro Devices. Prior to launching his freelance writing career, he served in executive roles at Microsoft, IBM and several venture-backed technology startups.

Privacy Policy