New York Attorney General Eric T. Schneiderman announced a settlement with Provision Supply d/b/a EZcontactsUSA.com, involving a data breach resulting in the potential exposure of over 25,000 credit card numbers and other data.
Article continues below
EZcontactsUSA.com has agreed to pay $100,000 in penalties and to shore up its data security practices.
On August 7, 2014, a third party infiltrated EZcontactsUSA.com website, which is based in Brooklyn, New York. On June 05, 2015, EZcontactsUSA.com's merchant bank notified it that fraudulent charges were appearing on customer credit card accounts.
Shortly thereafter, EZcontactsUSA.com engaged a company to conduct a forensic investigation, which discovered and removed all the malware on the EZcontactsUSA.com website.
EZContactsUSA.com never provided notice to its customers or law enforcement about the breach, in violation of General Business Law, which requires notice be provided to affected individuals and various government agencies including Schneiderman’s office, in the most expedient time possible and without unreasonable delay.
The settlement requires EZcontactsUSA.com to conduct thorough and expeditious investigations of any future data security breaches, provide prompt notice of data security breaches to affected New York residents and to New York law enforcement.
EZcontactsUSA.com must maintain reasonable security policies and procedures designed to protect the personal information of consumers in accordance with New York State General Business laws, and to remediate the many security vulnerabilities contained in its website.
EZcontactsUSA.com must also train employees with the most up-to-date data security practices, and pay a $100,000 penalty. ■
A very active and complex mid-May weather pattern is set to produce numerous areas of severe weather, heavy rain, high winds, and anomalous temperatures through this weekend.