C.D. Peacock sues local IT firm for security breach

[Jake Kouns <jkouns () opensecurityfoundation org>]

http://www.chicagobusiness.com/article/20120209/BLOGS01/120209751

Chicago jeweler C.D. Peacock Inc. has sued Oak Brook-based BridgePoint
Technologies, alleging the tech company's negligence led to a serious
security breach and compromise of customers' financial data.

The lawsuit, filed Wednesday in Cook County Circuit Court, claims that
Peacock's VPN network, which allows users to connect to its network
remotely, stopped working in March 2010.

Peacock says BridgePoint executives instructed the jeweler to stop
using the VPN, which created vulnerabilities that "led almost
immediately to a serious security breach."

Hackers then accessed Peacock's credit card processing network and
transferred customer card numbers, the suit alleges.

BridgePoint executives were not immediately available to comment.

Peacock does not say in the filing how many customers were affected
but claims it suffered damages in excess of $250,000.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Small, inexpensive USB drives pose huge threats to organizations left unprotected. 
Download Chapter 1 of CREDANT Technologies eBook
Data Protection to the Rescue
http://www.credant.com/campaigns/external_media_ebook/chapter1/lp/