TY - GEN
T1 - Cloud Data Breach Disclosures
T2 - 3rd IEEE Conference on Norbert Wiener in the 21st Century: Being Human in a Global Village, 21CW 2021
AU - Kolevski, David
AU - Michael, Katina
AU - Abbas, Roba
AU - Freeman, Mark
N1 - Publisher Copyright:
© 2021 IEEE.
PY - 2021/7/22
Y1 - 2021/7/22
N2 - The incidence of cloud computing data breaches across the world is increasing as retailers, financial institutions, health providers and businesses of all sizes rely on infrastructure, platform, software, and anything as a service (IaaS, PaaS, SaaS and XaaS respectively). As cloud provisioning requires the Internet for the realization of services, security has become paramount. Companies have adopted cloud services to allow for agility in response to growth, particularly of digital services, while reducing their overall costs and maintenance issues. At the same time, the personally identifiable information (PII) of hundreds of millions of end-users is now at risk of being hacked, through insecure cloud computing practices that lead to data breaches. In this article, we explore three cases of significant cloud computing data breaches: 2011 Sony PlayStation Network (PSN); 2014 eBay, Inc.; and 2014 Yahoo!. This paper employs a qualitative methodology, using mini case studies to demonstrate the significance of data breaches. While class action lawsuits by citizens have brought attention to potential matters of disclosure, the misuse of data, and identity fraud in the context of cloud computing, US courts continue to rule that the direct costs to the individual end-user are merely speculative and not provable. The role of consumer class action for data breaches in the cloud are presented in this article.
AB - The incidence of cloud computing data breaches across the world is increasing as retailers, financial institutions, health providers and businesses of all sizes rely on infrastructure, platform, software, and anything as a service (IaaS, PaaS, SaaS and XaaS respectively). As cloud provisioning requires the Internet for the realization of services, security has become paramount. Companies have adopted cloud services to allow for agility in response to growth, particularly of digital services, while reducing their overall costs and maintenance issues. At the same time, the personally identifiable information (PII) of hundreds of millions of end-users is now at risk of being hacked, through insecure cloud computing practices that lead to data breaches. In this article, we explore three cases of significant cloud computing data breaches: 2011 Sony PlayStation Network (PSN); 2014 eBay, Inc.; and 2014 Yahoo!. This paper employs a qualitative methodology, using mini case studies to demonstrate the significance of data breaches. While class action lawsuits by citizens have brought attention to potential matters of disclosure, the misuse of data, and identity fraud in the context of cloud computing, US courts continue to rule that the direct costs to the individual end-user are merely speculative and not provable. The role of consumer class action for data breaches in the cloud are presented in this article.
KW - ID fraud
KW - case studies
KW - class action
KW - cloud computing
KW - consumers
KW - data breach
KW - disclosure
KW - end-users
KW - law
KW - misuse
KW - personally identifiable information
UR - http://www.scopus.com/inward/record.url?scp=85115985431&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85115985431&partnerID=8YFLogxK
U2 - 10.1109/21CW48944.2021.9532579
DO - 10.1109/21CW48944.2021.9532579
M3 - Conference contribution
AN - SCOPUS:85115985431
T3 - 2021 IEEE Conference on Norbert Wiener in the 21st Century: Being Human in a Global Village, 21CW 2021
BT - 2021 IEEE Conference on Norbert Wiener in the 21st Century
A2 - Love, Heather
A2 - Adamson, Greg
A2 - Gopal, T. V.
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 22 July 2021 through 26 July 2021
ER -