[SGVLUG] Web tracking firm settles charges it collected passwords, financial data

matti mathew_2000 at yahoo.com
Mon Oct 22 16:30:30 PDT 2012


fyi -


LAW & DISORDER / CIVILIZATION & DISCONTENTS
Web tracking firm settles charges it collected passwords, financial data
Company agrees to purge sensitive data, stop sending it over Internet in cleartext.

"In fact, Compete collected more than browsing behavior or addresses of webpages," FTC lawyers wrote in a civil complaint filed in the case. "It collected extensive information about consumers' online activities and transmitted the information in clear readable text to Compete's servers. The data collected included information about all websites visited, all links followed, and the advertisements displayed with the consumer was on a given webpage."
As long ago as January 2006, the company also captured credit card numbers, social security numbers, passwords, and other sensitive data, because code designed to filter out that data often didn't work properly, FTC officials alleged...After the flaws were publicly disclosed in January 2010, the company upgraded the filters to better screen out such information. The software also began encrypting data in transit to prevent it from being intercepted by third parties.

http://arstechnica.com/tech-policy/2012/10/web-tracking-firm-settles-charges-it-collected-passwords-financial-data/



More information about the SGVLUG mailing list