in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based data and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

AlertBoot Endpoint Security

AlertBoot offers a cloud-based data and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Data Breach Cost: Stratfor $50 Million Lawsuit Being Settled For $1.75 Million

I just stumbled upon the news that Stratfor -- the global security analysis company that was hacked by Anonymous on Christmas of last year, and was the butt of jokes for some time because of the irony -- has announced its intention to settle.  The proposed settlement, if accepted, leaves my head scratching.  It's the one of the most self-serving settlements I've run across for an instance where a company is sued for not engaging in proper data security practices.

Access to Service AND an E-Book? What a Deal!

According to news outlets,

The settlement called for Stratfor to offer class members who opt in to it one month of free access to its service, worth $29.08, and an electronic book published by Stratfor called "The Blue Book," priced at $12.99. The two together may cost Stratfor approximately $1.75 million, according to estimates in the settlement.

The settlement also calls on Stratfor to pay for a credit monitoring service for class members who ask for it, as well as to continue paying for additional security to protect its networks. A $400,000 lump sum will go to paying plaintiff attorneys and various fees. [reuters.com]

The figure of $1.75 million, compared to the original lawsuit for $50 million is remarkably low.  In fact, it appears that the figure represents the cost of supplying the proposed goods and services at no charge.

So...the figure represents Stratfor's current operating expenses?  The book is already paid for, and it costs almost nothing to distribute it.  And, it's an extra month of access to Stratfor's intelligence for members who are already signed up, so there isn't much additional work but to just keep on trucking on Stratfor's part.

What a deal! For Stratfor, that is.  Makes one wonder why the lawsuit was even filed to begin with.  I mean, if it was to "teach them a lesson," I think they already got that from the P.O.'ed clients they have and the global negative PR hit they took.

When it comes to compensating clients whose data was breached, this is one of the most self-serving settlements I've heard of, only topped by TJX:

Plus, there was the settlement with a [TJX] customer class-action lawsuit that resulted in the "customer appreciation sale," a three-day shopping spree where customers would have big, big! savings.  There was a lot of disapproval regarding this: critics noted that this would benefit TJX, since lower prices drive higher traffic.

Despite all the criticism that Stratfor has received due to the hack, including the observation that it's a joke of an intelligence/security company, if Stratfor can manage to get a case like this to settle in four months while recompensing basically nothing, it must know what it's doing.  (The heavy lifting was probably done by the lawyers, certainly, but choosing the right lawyers is more than an art; it takes know-how).


Related Articles and Sites:
http://www.databreaches.net/?p=24638
http://in.reuters.com/article/2012/06/28/us-stratfor-hack-lawsuit-idINBRE85R03720120628
http://articles.chicagotribune.com/2012-06-27/business/sns-rt-us-stratfor-hack-lawsuitbre85r037-20120627_1_settlement-class-action-preliminary-approval
http://www.statesman.com/business/stratfor-aims-to-settle-suit-over-data-breach-2415237.html
http://www.information-age.com/channels/security-and-continuity/news/2110348/hacked-stratfor-settles-customer-lawsuit.thtml

 
<Previous Next>

Cost Of A Data Breach: South Korea's FSS To Give Cautionary Warning To Samsung, Hana-SK CEOs

Data Encryption Software TCO: Highest With SMBs And Enterprises

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.