Comment by ian_holt

I found I had exactly that issue ~3 months ago. A particular government department had their systems hacked and 1 of my email addresses became public along with 10s of thousands of other users. That in itself was bad enough except that this particular department had known about the breach about 2 months earlier and to make matters worse they had not been aware that the breach had occurred back in June 2025.

<We need to establish measures of accountability for data holders. Not securing customer data appropriately needs to be prosecutable, and the affected parties need to be given a right for compensation>

I 100% agree with you here. The trouble is, the government which are often the ones to push for major court-issued penalties when corporations stuff up, don't want to be held to the same level of scrutiny and penalty. Go figure