Announce Breach. Blink. Be Sued

There is only one thing that is faster than a cyberthief grabbing stolen card data: A lawyer suing that breached retailer. Only 13 days passed from the Dec. 15, 2009, announcement of a breach at social networking application development site RockYou until a lawsuit against RockYou was filed. The case, filed in U.S. District Court in San Francisco by RockYou user Alan Claridge, asserts that RockYou failed to use even rudimentary security to protect the personally identifiable information (PII), including E-mail addresses, of millions.

"RockYou stored users' PII in an unencrypted database with poor network security," Claridge said. "RockYou's willful failure to secure its users' sensitive PII led to multiple security breaches that exposed 32 million users to identity theft and other malicious conduct. Although security threats are unavoidable in a rapidly developing technological environment, RockYou recklessly and knowingly failed to take even the most basic steps to protect its users' PII by leaving the data entirely unencrypted and available for any person with a basic set of hacking skills" to access.

Suggested Articles

Costco changes up its menu items, and Alibaba and Guess partner for a physical store.

Janey Whiteside, Walmart's new chief customer officer, is well acquainted with the importance of customer service in modern retail.

Whole Foods will offer deals on Amazon's Prime Day, and tariffs against China are causing pricing hikes.