Joe Nocera has a column about the Home Depot customer data breach that is worth noticing for at least two reasons.
First, he engages in what Times public editor Margaret Sullivan has called, in other instances, "anonymous outsourcing," borrowing another news organization's anonymously sourced material and passing it along to Times readers without independently assessing the veracity of the sources. Mr. Nocera writes:
Bloomberg Businessweek found two unnamed former Home Depot managers who claimed that they were told to "settle for 'C-level security' because ambitious upgrades would be costly and might disrupt the operation of critical business systems."
There's no hyperlink to the Bloomberg Businessweek story from the Nocera column. For all we know, the former managers are disgruntled for some other reason. It's difficult to get Home Depot's response to their story without knowing who the former managers are or where they worked.
Second, the column's policy conclusion made me laugh. Mr. Nocera writes, in all apparent earnestness:
the federal government needs to get involved. With the banks and retailers at loggerheads, only the government has the ability to force a solution — or at least make it painful enough for companies with lax security to improve.
The federal government — the ones who gave us Edward Snowden and Bradley/Chelsea Manning and the Wikileaks cables published by Julian Assange and just about every other government confidential secret that shows up on in the New York Times — they're supposed to be the ones who can "force a solution" to the problem of private sector data security? Come on. The only way this might work is if the Federal Government brings Lois Lerner and the IRS into Home Depot to advise them on how to lose data so completely that not even hackers can recover it.