Re: Consumers of Hannaford Brothers Co. SupermarketsFile Class Action Suit

["Sasha Romanosky" <sromanos () andrew cmu edu>]

Well, careful. If victims need to demonstrate actual financial loss,
fraudulent charges covered by the credit card company may not be considered.


That being said, let's look at what we know about choicepoint: 
. Fined $10M by FTC for violating fair credit reporting act, and $5M trust
fund for consumer redress,
. $500k toward public education campaigns about identity theft 
. Paid $500k for state legal fees 
. $10M shareholder lawsuit
For a total of $26M (from around 160k records)

So the claim of 1800 reported cases of identity theft (which may or may not
have resulted in actual loss) may be the least of their worries. 

cheers,
sasha

> -----Original Message-----
> From: dataloss-bounces () attrition org 
> [mailto:dataloss-bounces () attrition org] On Behalf Of Jamie C. Pole
> Sent: Wednesday, March 19, 2008 8:41 PM
> To: dataloss-bounces () attrition org; dataloss () attrition org
> Subject: Re: [Dataloss] Consumers of Hannaford Brothers Co. 
> SupermarketsFile Class Action Suit
>
>
> Let's also consider the possibility the Hannaford WAS using 
> the tool correctly, and that it just didn't work as advertised.
>
> As far as the law firm being on the ball, trust me, they are. 
>  I know this firm well, and they will absolutely include 
> Rapid7 in their discovery process.  If I was senior 
> management at Rapid7, I would NOT be sleeping well right now.
>
> The kiss of death in this case is going to be the fact that 
> there have been around 1800 reported cases of fraud stemming 
> from the incident.  This was not an accident.
>
> Jamie
>
> -----Original Message-----
> From: dataloss-bounces () attrition org 
> [mailto:dataloss-bounces () attrition org]
> On Behalf Of Mike Simon
> Sent: Wednesday, March 19, 2008 6:47 PM
> To: lyger; dataloss-bounces () attrition org; dataloss () attrition org
> Subject: Re: [Dataloss] Consumers of Hannaford Brothers Co. 
> Supermarkets FileClass Action Suit
>
> This could not be a better example of why companies hesitate 
> to disclose details. If this lawfirm is on the ball. They 
> will get access to the exchange with Rapid7 which, according 
> to the press release changes, indicates potential additional 
> negligence in that the had a tool that may have prevented 
> this problem and failed to use it properly. Not a helpful 
> disclosure for Hannaford with respect to the class action. 
>
> Mike
>
>
> _______________________________________________
> Dataloss Mailing List (dataloss () attrition org) 
> http://attrition.org/dataloss
>
> Tenable Network Security offers data leakage and compliance 
> monitoring solutions for large and small networks. Scan your 
> network and monitor your traffic to find the data needing 
> protection before it leaks out!
> http://www.tenablesecurity.com/products/compliance.shtml

_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml