ChoicePoint hit by $275K fine for 2008 data security breach
Wednesday, October 21, 2009
ChoicePoint, a large data broker subsidiary of Reed Elsevier, has been ordered to pay a $275,000 fine by the U.S. Federal Trade Commission, over a data breach in 2008 that exposed the private data of more than 13,000 customers.
The company has agreed to the fine in a court order that also requires ChoicePoint to implement better data security. FTC alleged in its court filing that ChoicePoint failed to implement a comprehensive data security program to protect customers.
In April 2008, ChoicePoint turned off a "key electronic security tool used to monitor access to one of its databases," which led to unauthorized access of data over a period of 30 days before it was detected by ChoicePoint, according to the FTC.
The FTC has fined ChoicePoint before over a serious data breach in 2005, which compromised the personal information of more than 163,000 consumers and led to 800 cases of identity theft.
ChoicePoint was required by a court to pay $10 million in civil penalties and $5 million in consumer damages for the 2005 data breach.
In the current threat environment of security breaches from online attackers, businesses face multiple challenges in addressing network security and compliance. The online payroll company PayChoice has had its website and databases compromised twice this month by hackers who stole login passwords from customers.
Related News:
Failed terrorist attack prompts questions about the next time - 12.31.2009
Cyber security experts said, in the wake of the failed bombing of a Northwest Airlines flight bound for Detroit, that the next terrorist attack could come from cyberspace.
Social media app developer sued over privacy breach - 12.31.2009
RockYou, a firm that creates applications for use on social media networks, was sued this week by an Indiana man who alleges that the developer failed to adequately safeguard his personally identifiable information.
'Iranian Cyber Army' uses DNS hacking to bring down Twitter - 12.18.2009
Popular microblogging service Twitter went down for several hours on Thursday as hackers claiming to represent the "Iranian Cyber Army" disrupted the site's DNS records and replaced the front page graphics with angry anti-American sentiments presented in broken English.
TJX settles another class action over data breach - 9.4.2009
TJX Companies yesterday announced a settlement agreement that will result in the dismissal of a class action initiated by financial institutions as a result of the data breach of TJX's network security during 2005 and 2006 that exposed approximately 40 million credit card numbers.
Radisson data breach exposed credit card numbers - 8.20.2009
Between November 2008 and May 2009, hackers infiltrated the network security of computer systems at some Radisson hotels in the U.S. and Canada and accessed customer names and credit card numbers, the hotel chain disclosed Wednesday.
|
