In a follow-up to a case where a data breach has had massive consequences for the breached entity, Mark Hawthorne reports that Nicholas Bolton lost another round in court in Australia when the court affirmed a decision by the Australian Domain Name Administrator (AuDA) banning Bottle Domains from selling or administering domain names:
In January the Federal Police discovered that Australian Style’s customer database, and that of its subsidiary Bottle Domains, had been hacked into and credit card numbers had been put up for sale on the internet.
Personal details from 40,000 of Mr Bolton’s 60,000 customers were downloaded in total, including the complete credit card details of 25,000 people.
A 22-year-old Perth man has been arrested over the theft and has been charged with dishonestly dealing in personal financial information.
During its investigation, the Australian Domain Name Administrator (auDA) learned that the first security breach of the Bottle Domains customer database had occurred in 2007, and Mr Bolton had failed to notify the regulator of that breach. As a result, auDA terminated the accreditation of Bottle Domains in April this year ”due to a serious breach of its obligations under the registrar agreement”.
To make matters worse for Bolton, three other domain name registry companies he owns will be reviewed by auDA because the judge was not happy with Bolton’s handling of three security breaches in terms of his failure to promptly and fully alert customers.
Read the full article here.