Guidance Software settles with FTC

By

A computer forensics firm in the US has settled charges by the country's trade watchdog Federal Trade Commission (FTC) for failing to protect private customer data, including that of IT security professionals, when hackers hijacked its network last year.


Guidance Software, which sells solutions for responding to network incidents, failed to safeguard its network to withstand common web-based attacks and detect unauthorised access to credit card information, the FTC said in a statement Thursday.

In addition, the Pasadena, Calif. company stored credit card data in "clear readable text" that allowed for easy access.

Last December, Guidance reported hackers broke into a company database and stole 3,800 credit card numbers, including those of information security and law enforcement officers.

Thursday's settlement requires Guidance to create a "comprehensive information-security program" and to undergo audits every two years for the next decade.

"We at Guidance Software take the security of our customers very seriously, and remain dedicated to maintaining a comprehensive program designed to protect the security, confidentiality and integrity of our customers' information," John Colbert, Guidance CEO, said in a statement Thursday.

"We will continue with an aggressive approach to information security and plan to surpass the requirements set forth in our agreement with the FTC."
Click here to email Dan Kaplan.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
ftcguidancesecuritysettlessoftwarewith

Sponsored Whitepapers

State of the SOC: Building Resilience in a Shifting Threat Landscape
State of the SOC: Building Resilience in a Shifting Threat Landscape
Transform IT Service Delivery with Freshworks ITSM
Transform IT Service Delivery with Freshworks ITSM
Digital Transformation That Works in the Real World
Digital Transformation That Works in the Real World
Beyond the Breach: Logicalis Delivers Scalable, Business-Aligned MXDR Security
Beyond the Breach: Logicalis Delivers Scalable, Business-Aligned MXDR Security
Transforming IT for the Hybrid Era
Transforming IT for the Hybrid Era

Events

Most Read Articles

Accenture to buy Australian cyber security firm CyberCX

Accenture to buy Australian cyber security firm CyberCX
"Shade BIOS" stealth malware hides below operating system

"Shade BIOS" stealth malware hides below operating system
University of Western Australia resets all staff and student passwords

University of Western Australia resets all staff and student passwords
"BitUnlocker" full-volume encryption bypass found by Microsoft researchers

"BitUnlocker" full-volume encryption bypass found by Microsoft researchers
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?