NORM COLEMAN: Abyssmally Stupid?
I cannot believe this one. Seems Norm Coleman, the very much FORMER Senator from Minnesota who wants to run again for his old seat, has just completely compromised his donors' credit card information. This was discovered last January and yet Coleman only alerted his donors to the fact that their credit card info was now public knowledge until now. [UPDATE: Daily Kos has a good, if a bit over done, explanation of just how stupid and irresponsible Coleman and his campaign was.]
From the Minnesota Independent:
This seems to have violated Minnesota law, as pointed out in the comments of the above article:
And has royally pissed off Norm Coleman's donors...NOT something a candidate wants to do if he is running to regain his old seat he just narrowly lost.
This shows the following characteristics of Norm Coleman: Incompetence, Irresponsibility, Disregard for the Law, and Dishonesty. Republican values at their best, aren't they? It also, along with his other scandals, probably ruins any chance of him reviving his political career.
From the Minnesota Independent:
...scrutiny by web enthusiasts exposed a bigger problem for the campaign: an unprotected database that contained information on campaign donors, including names, email and home addresses, credit card numbers and the three-digit security codes. On Tuesday, donors received an email from the website Wikileaks alerting them that the site has revealed some of the database information.
“We understand that Norm Coleman became aware of the leak in January,” the note reads, in part...
The Hill indicates that it’s been in contact with the Coleman campaign which aknowledged “that the private information of its supporters has probably been breached and is encouraging them to cancel their credit cards.”
Campaign spokesman Cullen Sheehan wrote in an email to supporters that that there was no “evidence that our database was downloaded by any unauthorized party,” but he doesn’t dispute the possibility that security has been breached. Several IT professionals interviewed by the Minnesota Independent in late January revealed they had downloaded the database, which was not password protected. This fact seems to contradict Sheehan’s report about findings by federal authorities looking into the case. They “did not find evidence that our database was downloaded by any unauthorized party.”
This seems to have violated Minnesota law, as pointed out in the comments of the above article:
The Minnesota Independent adds that Wikileaks pointed out that if the campaign knew of the leak and failed to alert donors immediately, there has been a violation of state law. Minnesota statute 325E.61 states: (a) Any person or business that conducts business in this state, and that owns or licenses data that includes personal information, shall disclose any breach of the security of the system following discovery or notification of the breach in the security of the data to any resident of this state whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person. The disclosure must be made in the most expedient time possible and without unreasonable delay, consistent with the legitimate needs of law enforcement, as provided in paragraph (c), or with any measures necessary to determine the scope of the breach, identify the individuals affected, and restore the reasonable integrity of the data system.
And has royally pissed off Norm Coleman's donors...NOT something a candidate wants to do if he is running to regain his old seat he just narrowly lost.
This shows the following characteristics of Norm Coleman: Incompetence, Irresponsibility, Disregard for the Law, and Dishonesty. Republican values at their best, aren't they? It also, along with his other scandals, probably ruins any chance of him reviving his political career.
1 Comments:
I'm only dimly familiar with PCI (Payment Card Industry) standards, but I believe retaining the CVA number is absolutely forbidden under all circumstances. There's no point in having a CVA if vendors store it. It's supposed to stay on the card, the vendor uses it like a password and moves on with the authorization.
Pretty sure Norm's amateur consultant is going to lose the business. PCI don't play.
Post a Comment
<< Home