The CitySights NY tour company has notified certain state attorneys general that the financial data of more than 100,000 customers was stolen when a SQL injection attack hit one of its Web servers. Among those whose data were exposed are 1,850 Massachusetts residents, causing a threatpost.com report to ask, "Could this be the test case for enforcement of the state's nine-month-old data privacy law?" The breach exposed the names, addresses and full credit card account information including card verification data. "The leak...could prove to be an early test of the nation's strongest data privacy law," the report states.
If you want to comment on this post, you need to login.