Email Security Issues & Jail Time
We often manage key online data for clients, like email addresses and other personal information, so we take the security role very seriously. We have tight processes and use different ways to securely manage client data.
If you ever wonder why some companies seem to be overly cautious about trusting partners and vendors with personally identifiable information (PII), here is a reason why:
William Bailey, Jr, 46, of Charlotte, North Carolina, has been indicted by the U.S. Attorney's office in Philadelphia with 11 counts of computer intrusion.
Bailey operates dr-411.com, a web site that offers for sale various professional organization member databases, including addresses and email addresses. One such example is:
"Physician Email Database 20,350 emails for $399"
According to the indictment:
"The indictment charges that between January and May 2005, Bailey gained unauthorized access to the computer at American College of Physicians and downloaded the membership database.
The ACP web site contained the following restriction on its use. A viewer had to read this warning before getting access to the membership database:
"Member Connection" or any of its data or listings may not be downloaded, republished, resold or duplicated, in whole or in part, for commercial or any other purposes, or for purposes of compiling mailing lists or any other lists of physicians. The use of "Member Connection" to establish independent data files or compendiums of statistical information is prohibited.. . . Should the foregoing terms and conditions be acceptable to you, please indicate your agreement and acceptance by clicking below on the button labeled, "I accept."
"As the indictment alleges, the defendant was not an ACP member, knew he couldn't gain access to the database and download the information that he wanted, so he ignored the stop signs and the law, said Meehan. Meehan also noted that the American College of Physicians called the FBI immediately and cooperated during the investigation.
If convicted, Bailey faces a maximum possible sentence of 55 years imprisonment, $2,750,000 in fines and a special assessment of $1100.
The case was investigated by the computer crimes squad of the Federal Bureau of Investigation. It has been assigned to Assistant United States Attorney Michael L. Levy."
The Justice Department has more information located here:
Surprisingly, I had not heard about this case in the mainstream or even trade press, since these seem to be the only email related news that big media picks up. I first read about this on a blog from a gentleman from the Netherlands
0 Comments:
Post a Comment
<< Home