On Friday 10 January 2025 at 18:46:23, Didier Kryn wrote:

> banks are taking data security more seriously
> than others, which means it is possible.

Of course it's possible - but it takes time / money / expertise to do it (and
do it right).

Banks have to operate under far stricter regulatory requirements than any
other commercial (and certainly any non-commercial) websites have to, who only
have to pay some amount of lip-service to GDPR.

Even some of the high-profile penalties against websites which have allowed
personal data to be copied out the their database are pretty paltry compared
to the annual profits of the websites concerned, but that's all the legislation
allows for - a financial penalty. I'm not aware of any jurisdiction where an
organisation (other than a bank or similar financial insititution) which allows
personal data to be leaked can actually be shut down and stopped from doing
business.


Antony.

--
Some mistakes are too much fun to make only once.

                                                   Please reply to the list;
                                                         please *don't* CC me.