Acer settles online breach probe for $115k: Difference between revisions
→Settlement with New York State Attorney General: Add citation needed template to a couple of unsourced parts |
Fireablazin (talk | contribs) m Added the citations as indicated. |
||
Line 21: | Line 21: | ||
===Settlement with New York State Attorney General=== | ===Settlement with New York State Attorney General=== | ||
In January 2017, Acer reached a settlement with the New York Attorney General’s office, agreeing to pay $115,000 in penalties and adopt a range of security reforms. These included designating employees to oversee data protection, implementing annual staff training, adopting multi-factor authentication, deploying intrusion detection systems, and conducting regular penetration tests and vulnerability assessments. Acer also committed to following credit card industry data security standards and to hold service providers to the same level of compliance. | In January 2017, Acer reached a settlement with the New York Attorney General’s office, agreeing to pay $115,000 in penalties and adopt a range of security reforms. These included designating employees to oversee data protection, implementing annual staff training, adopting multi-factor authentication, deploying intrusion detection systems, and conducting regular penetration tests and vulnerability assessments. Acer also committed to following credit card industry data security standards and to hold service providers to the same level of compliance.<ref name=":0" /> | ||
==Consumer response== | ==Consumer response== | ||
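Review bot: The `<ref name=":0" />` appended to the settlement paragraph is a reuse of a named reference whose definition is not in the visible lines, so confirm that a full `<ref name=":0">…</ref>` exists elsewhere in the article; otherwise this will render as a cite error. The single citation at the end of the paragraph is also asked to cover three separate claims (the $115,000 penalty, the list of security reforms, and the card-industry and service-provider commitment). If the source supports all of them, that is fine, but it would be clearer to place the ref after each sentence it backs. Consider renaming the auto-generated `:0` to a descriptive name so later editors can tell which source is being reused.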
Line 29: | Line 29: | ||
On The Register’s forum, reactions were similarly skeptical and critical.<ref>{{Cite web |last=Nichols |first=Shaun |date=2016-06-17 |title=You Acer holes! PC maker leaks payment cards in e-store hack |url=https://www.theregister.com/2016/06/17/what_a_pain_in_the_acer/ |url-status=live |access-date=2025-08-18 |website=The Register}}</ref> Commenters condemned Acer for failing to follow PCI DSS compliance standards and for allowing card verification codes to be compromised.<ref>{{Cite web |last=Pasher |first=Justin |date=2016-06-17 |title=Re: Storing CC security verification codes |url=https://forums.theregister.com/forum/all/2016/06/17/what_a_pain_in_the_acer/ |url-status=live |access-date=2025-08-18 |website=Forum on 'The Register'}}</ref> Some users confirmed they did receive breach notification letters, though experiences varied widely. Many expressed concern that Acer’s negligence would push costs and risks onto consumers through fraudulent charges and credit monitoring needs. | On The Register’s forum, reactions were similarly skeptical and critical.<ref>{{Cite web |last=Nichols |first=Shaun |date=2016-06-17 |title=You Acer holes! PC maker leaks payment cards in e-store hack |url=https://www.theregister.com/2016/06/17/what_a_pain_in_the_acer/ |url-status=live |access-date=2025-08-18 |website=The Register}}</ref> Commenters condemned Acer for failing to follow PCI DSS compliance standards and for allowing card verification codes to be compromised.<ref>{{Cite web |last=Pasher |first=Justin |date=2016-06-17 |title=Re: Storing CC security verification codes |url=https://forums.theregister.com/forum/all/2016/06/17/what_a_pain_in_the_acer/ |url-status=live |access-date=2025-08-18 |website=Forum on 'The Register'}}</ref> Some users confirmed they did receive breach notification letters, though experiences varied widely. Many expressed concern that Acer’s negligence would push costs and risks onto consumers through fraudulent charges and credit monitoring needs. | ||
Consumers faced heightened risks of identity theft and financial fraud due to the exposure of full credit card details, login credentials, and personal addresses. The fact that sensitive data was stored unencrypted in plain text worsened concerns about Acer’s handling of private information. While the settlement imposed stronger protections going forward, many customers were left to deal with potential fraudulent charges, credit monitoring, and long-term distrust in Acer’s ability to safeguard their personal information. Public statements from the Attorney General emphasized consumer expectations for companies to uphold basic data security standards, reflecting broader frustration with corporate negligence in protecting private data. | Consumers faced heightened risks of identity theft and financial fraud due to the exposure of full credit card details, login credentials, and personal addresses. The fact that sensitive data was stored unencrypted in plain text worsened concerns about Acer’s handling of private information. While the settlement imposed stronger protections going forward, many customers were left to deal with potential fraudulent charges, credit monitoring, and long-term distrust in Acer’s ability to safeguard their personal information. Public statements from the Attorney General emphasized consumer expectations for companies to uphold basic data security standards, reflecting broader frustration with corporate negligence in protecting private data.<ref name=":0" /> | ||
==References== | ==References== | ||
{{reflist}} | {{reflist}} | ||
[[Category:Acer]] | [[Category:Acer]] |
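Review bot: In the paragraph beginning "Consumers faced heightened risks", the new `<ref name=":0" />` sits after the final sentence about the Attorney General's public statements, but the paragraph also asserts that the data "was stored unencrypted in plain text" and that customers were left with "long-term distrust". The first is a factual security claim that should carry the citation directly after its own sentence. The second, along with "broader frustration with corporate negligence", reads as characterisation that the cited source may not support. Suggest moving or duplicating the ref to the plain-text storage sentence and either sourcing or rewording the evaluative phrases. The same `:0` reference is used in the settlement section, so check that one source really covers both passages.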