Eventbrite, After iPad Theft, Warns Customers To Monitor Email

[Jeffrey Walton <noloader () gmail com>]

http://www.huffingtonpost.com/2011/09/30/eventbrite-ipad-theft-customers-email_n_988662.html

The online ticketing company Eventbrite warned customers Thursday to
monitor their email accounts for suspicious messages after two company
iPads storing sensitive customer data were stolen from an employee.

In a letter emailed to customers and posted on the company's blog,
Eventbrite CEO Kevin Hartz said the iPads were stolen from an employee
on Sept 20. The data stored on the devices included names and email
addresses of customers who bought tickets online to one customer
event, Hartz said. The lost data also included full credit card
numbers for 28 attendees who purchased tickets at the event. Those
credit card numbers were not encrypted due to a bug in the company’s
iPad application, he said.

As Eventbrite tried to determine what other information may have been
stored on the stolen iPads, the company remotely locked the devices
and erased the data, Hartz said. The letter noted that the company
believed the risk for criminal misuse was low, but it asked customers
to watch their email accounts for suspicious messages and to avoid
sharing financial or sensitive information over email.
...
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/