BreachExchange mailing list archives
Hong Kong E-Payment Firm Admits Selling Customer Data
From: security curmudgeon <jericho () attrition org>
Date: Fri, 30 Jul 2010 13:50:51 -0500 (CDT)
http://www.zdnetasia.com/hong-kong-e-payment-firm-admits-selling-customer-data-62201697.htm Hong Kong e-payment firm admits selling customer data By Eileen Yu, ZDNet Asia on July 29, 2010 Hong Kong's Octopus Holdings has admitted to selling its customers' personal information since January 2006 and pocketing HK$44 million (US$5.7 million) from doing so. The e-payment services provider said it sold personal data belonging to 1.97 million customers to six companies including Cigna Worldwide Life Insurance, according to a report from local broadcaster Radio Television Hong Kong. Octopus CEO Prudence Chan, who was speaking at a private hearing with the Hong Kong Privacy Commission, was quoted as saying the company has pledged not to provide personal data to other companies in future. Octopus had earlier denied it sold customer data, until it was called up by the Commission to testify at an official investigation of the company's practices, noted a report by Apple Daily. Chan then retracted the denial. Octopus' contactless payment cards are used widely by commuters of Hong Kong's underground trains operated by MTR, which incidentally owns 57.4 percent of Octopus shares, and also for various transactions such as fast-food outlets and convenience stores. [..] _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Hong Kong E-Payment Firm Admits Selling Customer Data security curmudgeon (Aug 02)