Lost in the news of the humongous fine of USD5 billion against Facebook by the Federal Trade Commission in the United States was an action initiated by the US Securities and Exchange Commission (SEC) against Facebook for misleading their investors about the misuse of account holders data. It was reported that Facebook could likely be fined and pay a sum of USD100 million as settlement.
The SEC which polices what public companies disclose to their shareholders, in a statement said Facebook publicly downplayed any risk of the data being handled in violation of its rules as "merely hypothetical", when they knew user data had in fact been misused. Thus, Facebook failed to adhere to requirements for public companies to accurately describe and communicate the material risks to their business to investors.
There were several allegations of data breach at some of the large companies that are listed on Bursa Malaysia. These companies has not come forward to deny or confirm these alleged data breaches. It also appeared that the authorities and regulators did not seek any clarification from these companies, as any response from a query made by the regulators would have been made public in an announcement to Bursa.
Shouldn't the regulators take heed of what is now happening with Facebook and queried those companies that are listed on Bursa Malaysia should there be allegations raised in the public sphere about alleged data breach in such companies?