Showing posts with label TJX. Show all posts

Tuesday, March 30, 2010

Government "Outs" Mystery Retailers in Gonzalez Hack Case

Interesting post in today’s Wired: Threat Level blog about a motion in the Albert Gonzalez hacking case that was unsealed on Monday. We now have the identities of the other two “mystery” retailers – J.C. Penney was “Company A” and Wet Seal was “Company B.”

J.C. Penney argued unsuccessfully last week to keep the company’s identity under seal, contending that it (a corporation) was entitled to anonymity under the 2004 Crime Victims' Rights Act. That law was intended to protect the “dignity and privacy” of victims, and that is what Penney argued. But Judge Douglas P. Woodlock was not convinced, and in fact was "astonished." The Judge said in the hearing that he believed both retailers should have announced their involvement from the start and that consumers had the right to know. Woodlock said he would not provide the companies “insulation from transparency.”

For more: StorefrontBacktalk » JC Penney, Wet Seal: Gonzalez Mystery Merchants

Motion of Government - http://www.wired.com/images_blogs/threatlevel/2010/03/09-cr-10382-14.pdf

Thursday, September 17, 2009

Gonzalez Hearing: More than 40 MILLION Distinct Credit Card Numbers Recovered

Evan Schuman of StorefrontBacktalk has an interesting piece about last week’s plea in the massive credit card fraud case currently in federal court. Albert Gonzalez pleaded guilty in federal court in the cyberthief case and the plea hearing revealed some remarkable details. According to testimony, the Secret Service has collected “more than forty million distinct credit and debit card numbers from two computer servers” controlled by Gonzalez and his associates and has counted the consumer, retail and bank victims as “an enormous number of people, certainly millions upon millions, perhaps tens of millions.”

Schuman points out that the plea hearing may provide the first and last details that we receive, because the plea has avoided a federal trial.

Tuesday, June 23, 2009

More on the Real Cost of Data Breaches -- $9.75 Million

Add another $9.75 million (plus - see below) to the cost of the TJX Cos. Inc. 2006 data breach.

The company has reached a settlement with 42 states over allegations that it failed to provide adequate security for its customers. $5.5 million of the settlement will be dedicated to data protection and consumer protection efforts by the states and another $1.75 million will be used to reimburse the costs and fees of the investigation.

Massachusetts AG Martha Coakley's office led the executive committee running the investigation. In a statement, AG Coakley said, "This settlement ensures that companies cannot write-off the risk of a data breach as a cost of doing business. In addition to the monetary relief, this agreement requires TJX to implement and maintain a substantial data security program to ensure that this kind of data breach does not happen again." Massachusetts will get nearly $1 million in the settlement.

The parenthetical "plus" in my first paragraph refers to an additional cost included in the settlement agreement. TJX must implement major security improvements and must report and certify that its computer system meets detailed data security requirements specified by the states. The settlement also requires the company to encourage the development of new technologies to address weaknesses in the U.S. payment card system.

The other states participating in the agreement are Alabama, Arizona, Colorado, Delaware, Hawaii, Idaho, Iowa, Louisiana, Maine, Maryland, Massachusetts, Michigan, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Mexico, New York, North Carolina, North Dakota, Oklahoma, Rhode Island, South Dakota, Texas, Washington, West Virginia, Wisconsin, and the District of Columbia.