You are here
Home > Be Aware > FTC gives two companies a slap on the wrist after appalling hacks

FTC gives two companies a slap on the wrist after appalling hacks

Don’t be like these guys, even if the regulator might let you off…:

[…] But the court documents also reveal details of ClixSense’s hack that have not been made public before. According to court documents, hackers ran amok inside the company’s network, accessing documents, email accounts, and credentials stored on employee laptops; changing employees’ passwords; redirecting email notifications for multiple network and cloud accounts; and even changing DNS records to point the company’s website to an adult-themed website.

Despite the company’s obvious security failings and the damage done to consumers, the FTC has not come down hard on the company, which failed even at the most basic tasks of securing its infrastructure.

Per the settlement, the ClixSense and its CEO, James Grago, must not make false claims about the security and privacy of their service and must obtain independent biennial security assessments.

I-DRESSUP.COM HACK

The FTC also signed a similar, yet just a tad bit harsher settlement, with another company, i-Dressup, which ran a now-defunct eponymous website for children.

This company made the exact same mistakes that ClixSense made –storing personal information in clear text with no encryption– and suffered the same fate, two weeks after ClixSense.

[…]

Original Article

Peter Glock
Over 30 years of designing, building and managing telecoms and IT services. Primarily working with large enterprise and professional services businesses in Asia, North America, continental Europe and the UK. Information security professional, secret physics nerd.
https://brownglock.com

Similar Articles

Leave a Reply

Top
%d bloggers like this: