Court: FTC can bring down the hammer on companies with sloppy cybersecurity

[InfoSec News <alerts () infosecnews org>]

http://www.itworld.com/article/2974770/data-protection/appeals-court-denies-challenge-to-ftcs-cybersecurity-enforcement.html

By Grant Gross
IDG News Service
August 24, 2015

The U.S. Federal Trade Commission has the authority to take action against 
companies that fail to protect customer data, an appeals court ruled 
Monday.

The U.S. Court of Appeals for the Third Circuit upheld the FTC's 2012 
lawsuit against hotel and time-share operator Wyndham Worldwide. The FTC 
filed a complaint against Wyndham for three data breaches in 2008 and 2009 
that led to more than US $10.6 million in fraudulent charges.

The appeals court ruling, upholding a 2014 district court decision, 
suggests the FTC can hold companies responsible for failing to use 
reasonable security practices.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/