The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Wednesday, December 21, 2005
This has got to be a pretty embarrassing letter to write ...
More than three thousand customers of Guidance Software Inc. have been told that the company's network has been hacked, compromising credit card and personal data of customers.
Computer forensics firm’s database hacked
The credit card numbers of 3,800 Guidance Software people were exposed
DECEMBER 21, 2005 (COMPUTERWORLD) - The customer database of computer forensics firm Guidance Software Inc., a provider of software that diagnoses computer break-ins, has been hacked.
The Pasadena, Calif. company said in a Dec. 13 letter to its customers that the breached database contained credit card numbers of 3,800 people. The database also contained the expiration dates and card verification numbers of those credit cards as well the names, addresses and telephone numbers of the customers, according to the letter from Guidance CEO John Colbert. The database did not contain any customer financial data that could put them at risk of identify theft, he said.
“Guidance is taking this matter very seriously,” Colbert said in the letter. “Upon learning of the incident on December 7, we have been working quickly to investigate the unauthorized network activity and remediate the person’s method of access. The next day (December 8) we referred this incident to the U.S. Secret Service, who have begun their own investigation. Of course, our investigation is ongoing, and we will continue to cooperate fully with law enforcement in its investigation as well. To prevent any further unauthorized access of your personal information, we have also deleted all of your credit card information from our customer database.”
The letter from Colbert was provided to Computerworld by Michael Kessler, president of Kessler International, a New York-based computer forensics investigation company. A Guidance spokeswoman confirmed the information contained in the letter, but declined to comment further because of the ongoing investigation....
Labels: information breaches
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.