FTC: An online seller of computer supplies and other consumer electronics has agreed to settle Federal Trade Commission charges that it violated federal law by failing to provide reasonable security to protect sensitive customer data. ... According to the FTC’s complaint, Compgeeks.com (Compgeeks), which operates the www.geeks.com Web site, and its parent company, Genica Corporation (Genica), collect sensitive information from consumers to obtain authorization for credit card purchases. ... In January 2008, media reports revealed a data breach at the company. It was later confirmed that hackers accessed the sensitive information of hundreds of consumers. ... The proposed settlement ... requires them to implement and maintain a comprehensive information-security program that includes administrative, technical, and physical safeguards. It also requires the companies to obtain, every other year for 10 years, an audit from a qualified, independent, third-party professional to ensure that the security program meets the standards of the order. In addition, the proposed settlement contains standard record-keeping provisions to allow the FTC to monitor compliance.
Read more ...
Citadel Information Group
Information Security Management for Business and the Not-for-Profit Community
www.citadel-information.com
Delivering Information Peace of Mind ®
www.citadel-information.com
Delivering Information Peace of Mind ®
Posts
Search This Blog
Index of Topics
- Business at risk (115)
- Citadel in the news (7)
- Citadel Information Security Guides (8)
- Citadel: Guide to Blog (1)
- Citadel: Thinking about Security (10)
- Cloud Security (2)
- Consumers at risk (13)
- Credit card fraud (14)
- Culture Change (1)
- Financial systems security (67)
- Healthcare (7)
- Identity theft (30)
- Insurance (1)
- Internet badlands (113)
- ISSA-LA (2)
- Law Firms (2)
- Legal (23)
- Miscellany (6)
- national security (46)
- Not-for-Profit (5)
- Privacy (27)
- Ray of Sunshine (15)
- School security (3)
- Security Alert: Vulnerability Management (74)
- Security management (24)
- Security Research (5)
- Security Surveys (13)
- Social Engineering (1)
- Social networks (13)
Blog Archive
-
►
2011
(2)
- ► January 2011 (2)
-
▼
2010
(237)
- ► December 2010 (6)
- ► November 2010 (9)
- ► October 2010 (7)
- ► September 2010 (8)
- ► August 2010 (13)
- ► April 2010 (39)
- ► March 2010 (65)
-
▼
February 2010
(38)
- Mass. Privacy Law: Are You Compliant?
- Military Announces New Social Media Policy
- Organiser of Darkmarket fraud website jailed
- Intel admits it is under constant attack from hackers
- N.Y. Firm Faces Bankruptcy from $164,000 E-Banking...
- China's military warns Washington, denies hacking
- IT Firm Loses $100,000 to Online Bank Fraud
- Intel Was Attacked at the Same Time as Google
- Widespread Data Breaches Uncovered by FTC Probe. F...
- Symantec 2010 State of Enterprise Security Study S...
- U.S. pinpoints code writer behind Google attack: r...
- Hacking Inquiry Puts China’s Elite in New Light
- Schools in China say they weren't behind hacking
- CVS Caremark Settles FTC Charges that It Failed to...
- Microsoft Confirms: Got Bluescreen? Check for Root...
- Broad New Hacking Attack Detected
- Large Worldwide Cyber Attack Is Uncovered
- 2 China Schools Said to Be Tied to Online Attacks
- ‘Time Bomb’ May Have Destroyed 800 Norfolk City PCs
- Security Updates for Adobe Reader, Acrobat
- Dozens Of Defense Contractors, Agencies Hacked
- Hackers Steal $150,000 from Mich. Insurance Firm
- China leads the world in hacked computers, McAfee ...
- Rootkit May Be Culprit in Recent Windows Crashes
- Critical Security Update for Adobe Flash Player
- China Alarmed by Security Threat From Internet
- How to Protect Yourself from the Internet Crime Wa...
- ID Theft: Don't Take It Personally
- New Banking Trojan Discovered Targeting Businesses...
- 13 Ways to Protect Your Windows PC
- Comerica Phish Foiled 2-Factor Protection; Bank Sued
- Zeus Attack Spoofs NSA, Targets .gov and .mil
- Consumer Electronics Company Agrees to Settle Data...
- Hackers Try to Steal $150,000 from United Way
- U.S. 'Severely Threatened' By Cyber Attacks says D...
- Twitter Asks Users To Reset Passwords After Possib...
- A Tale of Two Victims
- Hacking for Fun and Profit in China’s Underworld
- ► January 2010 (27)
-
►
2009
(83)
- ► December 2009 (17)
- ► November 2009 (7)
- ► October 2009 (9)
- ► September 2009 (22)
- ► August 2009 (17)
- ► February 2009 (1)
Information Security Links
- Citadel Information Group
- Google Online Security Blog
- Information Systems Security Association
- Information Systems Security Association - LA Chapter
- InfraGard - Los Angeles
- Krebs on Security
- Microsoft Malware Protection Center
- MITRE CVE
- NIST Computer Security Resource Center
- Open Web Application Security Project (OWASP)
- Privacy Rights Clearinghouse
- SANS Internet Strom Center
- US CERT
Disclaimer
Citadel provides this blog as a public service to the community. We make no claim or representation that items posted on this blog are correct. We post "Security Alerts" primarily to assist readers manage security vulnerabilities on their personal home computers; these alerts are NOT comprehensive and are not to be relied upon as such.
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com