l-8 - 2/25/10 1. Deceptiveactsorpractices Company makes...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
2/25/10 1. Deceptive acts or practices Company   makes   false   promise   to   take   reasonable   steps   to   protect   sensitive  consumer information Fined companies - Petco - Tower Record - Guess, Inc. - Microsoft Petco’s Claim “At Petco,  protecting your information is our number one  priority,  and your  personal information is strictly shielded from unauthorized access.  Entering your  credit card number via our secure sever is completely safe.  The server encrypts  all of your in formation, no one except you can access it.” The Reality 1. Petco.com did not encrypt the data 2. Credit card data was only encrypted during transmission between customer and  Petco web server 3. Data was accessible to persons other than the consumer providing the information FTC Finding Petco.com   “created   vulnerabilities”   by   failing   to   implement  reasonable   and   appropriate  measures to secure and protect database that support or connect to  the website against well-known vulnerabilities - What are the reasonable and appropriate measures? The Hack Hacker used a commonly known attack to manipulate Petco.com to get sensitive  personal information about other consumers Structured Query Language injection attack (or “SQL” attack)
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 3

l-8 - 2/25/10 1. Deceptiveactsorpractices Company makes...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online