Yesterday, the Federal Trade Commission (“FTC”) weighed in with another proposed settlement agreement requiring that the Dave & Buster's restaurant chain that experienced a massive data breach in 2007 establish and maintain a comprehensive information security program as a condition of settling a consumer protection action arising out of that data breach.
This is the FTC’s 27th case challenging faulty data security practices by organizations that handle sensitive consumer information.
Our Client Alert with complete links to the draft order and complaint and full discussion will be posted later today.