1,000,000 lost credit cards = £150,000 fine

July 29, 2014/in Internet Security

A UK travel company has been fined £150,000 for putting an “internal only” parking database system on the internet without securing it first. The vulnerable system was used as a stepping stone for a crook to steal more than 1M e-commerce records.
Naked Security – Sophos