Pages

Thursday, March 12, 2009

Data breach means more troubles for Norm Coleman

Coleman donor data breached in January, but donors alerted by Wikileaks, not campaign

Posted by Richard Koman @ March 11, 2009 @ 8:38 AM
ZDNet

Donors to Minnesota Senator Norm Coleman’s campaign got a rude awakening this week, thanks to an email from Wikileaks. Coleman’s campaign was keeping donor information in an unprotected database that contained names, addresses, emails, credit card numbers and those three-digit codes on the back of cards, Wikileaks told donors in an email....

According to The Hill, Wikileaks told donors:
“We have discovered that all on-line Coleman contributors had their full credit card details released onto the Internet on 28 of [January], 2009, by Coleman’s staff.”
The Minnesota Independent adds that Wikileaks pointed out that if the campaign knew of the leak and failed to alert donors immediately, there has been a violation of state law.

(More here. The AP story is here.)

1 comment:

  1. Let’s ignore the Coleman instance for a second and consider the potentially bigger problem.
    There are some important questions that need to be asked :
    What company did Coleman hire to collect his donations ?
    Did that company perform similar work for others ?
    If so, does that company maintain “illegal” information on their databases ?

    According to WikiLeak, the information that was contained on Coleman’s files included : Unique ID number, first name, last name, city, state, zip, phone, e-mail, employer, title, type of credit card used, name on card, last four of credit card, CVV2 value of the card, donation amount, authorization code from credit card processor, AVS (address verification) match, and a timestamp.
    There is a violation of Minnesota Statute 325E.64 by retaining the card security code data.

    If the company maintained this information for the Coleman campaign, was the same information maintained by other campaigns ?
    The Coleman incident may have exposed a problem that every political campaign needs to address. Proactively, every campaign that collected monies through credit cards needs to perform an internal investigation and issue a press release if illegal information was maintained.
    There is no reason for waiting for the FBI, Secret Service or MN Attorney General to investigate … campaigns need to be forthright and transparent.


    Now, on to the Coleman problem. How can GOP supporters blame WikiLeak and Franken for this problem ? First, Coleman’s campaign maintained information that he shouldn’t have. Because of their ineptness, it was exposed. I suspect that on a future Jay Leno Headlines segment, Coleman will be called “a stupid criminal” … trying to blame others for your own outrageous behavior. Second, by WikiLeak alerting people to the potential problem, it was publicizing to the masses a problem that was known by the minority. Shame on Coleman.

    ReplyDelete