Acxiom is a company which manages data for large corporations. "Maximize the value of your customer relationships," its website says. Acxiom has clients like GE, Microsoft, IBM, and many credit card companies for which it stores and presumably processes personal data. A Florida computer expert has been charged with hacking Acxiom; according to the Justice Department this is the
"largest case of illegal invasion and theft of personal information to date."
But...what's even scarier is that this happened last year also, and Acxiom kept its big clients and maybe its lackluster security also. So who should take responsibility for private information leaks? Obviously, if this hacker is guilty, he will go to jail. But what about the corporations who gave the information to a company with a bad track record? What about Acxiom's repeated failures? If Acxiom gets hacked every summer, obviously the big players should take their customer data elsewhere, and if they don't they are responsible for that data loss also.
Update (7/24): Six others have already settled in this case, but charges remain for stealing 8.2 gigabytes (wow! that's a lot of phone numbers and credit card numbers!) for the remaining defendant.