Ask HN: Does GDPR force companies to disclosure security vulnerabilities?
3 by vrcabal | 1 comments on Hacker News.
If security researchers find a vulnerability involving direct access to PII and report it to the company affected, is the company required to disclose it to their customers? Article 34[1] says it is required to so in case of a data breach. Can an incident like this be seen as a data breach? [1] https://ift.tt/2zTMXuF
If security researchers find a vulnerability involving direct access to PII and report it to the company affected, is the company required to disclose it to their customers? Article 34[1] says it is required to so in case of a data breach. Can an incident like this be seen as a data breach? [1] https://ift.tt/2zTMXuF
No comments:
Post a Comment