Data Breach: Online Retailer to Settle CCPA and UCL Allegations

Unredacted, unencrypted customer PII stored on the ecommerce platform was scraped by hackers and offered for sale on the dark web; reasonable steps will be taken by the retailer to secure access to the platform (risk assessment, multi-factor authentication, phishing and penetration testing, and hiring a Cyber Security Directory) and a $400,000 settlement fund will be paid.

 

#cyber #hacker #emergingrisk #privacy