Guidance Software settles FTC charges

["Gary Funck" <gary () intrepid com>]

[The cobbler's children have no shoes.]

http://www.businessweek.com/ap/tech/D8LEGQ281.htm

The Associated Press
November 16, 2006, 8:14PM EST

Guidance Software settles FTC charges
By CHRISTOPHER S. RUGABER

Guidance Software Inc. said Thursday it's settled Federal Trade Commission
charges stemming from a 2005 security failure that allowed hackers to access
the credit card information of thousands of customers.

Guidance, which makes software used by law enforcement agencies and
corporations to investigate network breaches, failed to take "reasonable
security measures" to protect sensitive customer data and that its failure
to do so "contradicted security promises made on its Web site" and violated
federal law, according to an FTC statement.
[...]
The settlement agreement involved no financial penalties and did not
constitute an admission of guilt, the privately held company said.

According to the FTC, the company "failed to implement simple, inexpensive
and readily available security measures" to protect its customers' data. The
company, the agency said, also failed to adequately asses the vulnerability
of its network to well-known Web-based attacks and did not take steps to
detect unauthorized access to its consumers' credit card information.
[...]

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.