Forgot your password?
typodupeerror
Privacy Australia Security

Australian Website Waits Three Years To Inform Customers of Data Breach 35

Posted by Unknown Lamer
from the better-never-than-late dept.
AlbanX (2847805) writes Australian daily deals website Catch of the Day waited three years to tell its customers their email addresses, delivery addresses, hashed passwords, and some credit card details had been stolen. Its systems were breached in April 2011 and the company told police, banks and credit cards issuers, but didn't tell the Privacy Commissioner or customers until July 18th.
This discussion has been archived. No new comments can be posted.

Australian Website Waits Three Years To Inform Customers of Data Breach

Comments Filter:
  • by Todd Palin (1402501) on Saturday July 19, 2014 @01:10AM (#47487721)

    This sounds like a perfect lawsuit to me. Their failure to limit the damage seems negligent. Perhaps a hefty class action suit is in order.

  • While implied in the subject, the body of the article failed to clarify that we were not told until July 18th 2014.

  • Pretty much anything entered online == stolen.

    Amirite?

    Aw yeah, I'm right.

    Ha ha, CAPTCHA is "redesign"

  • At this point they'd probably end up with fewer problems just by keeping it quiet forever.

  • It's kind of like telling someone that their Great Great Grandfather died and expecting them to congratulate them on their promptness.
    • Email: aliased. One point for me.
    • Password: not the same as any other site. Another point for me.
    • Credit card: nope, use PayPal. Doesn't feel like a point for anyone.
    • Address: moved since April 2011. Three points for me, total. Three and a half, maybe.

    Back to Pixel Miner.

  • I've used that site, too...

    Not only did they take eternity to fess up but I found out about it via Slashdot - not from them. I have the same email address as 3 years ago, so I don't see why they couldn't have sent me an email??
  • by davidmwilliams (1117749) on Saturday July 19, 2014 @07:29AM (#47488185) Homepage
    Here is my story on this event, including (page 2) a "Q&A" I managed to get from them where they avoided most of my questions: http://www.itwire.com/business... [itwire.com]
  • They won't suffer much harm business-wise, as this issue will mostly be forgotten over the weekend.
  • by davidmwilliams (1117749) on Saturday July 19, 2014 @07:53AM (#47488239) Homepage
    Catch of the day users noticed something was fishy back in February 2012. "We take data security seriously" said Catch of the Day rep. Yet CotD continued to choose not to tell anyone: http://www.itwire.com/business... [itwire.com]

In every non-trivial program there is at least one bug.

Working...