Wij willen met u aan tafel zitten en in een openhartig gesprek uitvinden welke uitdagingen en vragen er bij u spelen om zo, gezamelijk, tot een beste oplossing te komen. Oftewel, hoe kan de techniek u ondersteunen in plaats van dat u de techniek moet ondersteunen.

Three-and-a-half years ago, a lawsuit hit the San Mateo, Ca. county courthouse that briefly attracted the attention of the worldwide venture capital community given its salacious nature. The defendant: longtime VC Michael Goguen, who’d spent 20 years with Sequoia Capital in Menlo Park, Ca. The plaintiff: a former intimate who described him through the filing as a “worse predator than the human traffickers.” She said in the filing that she would know, having become a “victim of human trafficking” at age 15 when she was “brought to America in 2001,” then “sold as a dancer to a strip club” in Texas, which is where she says first encountered Goguen.

What she wanted from the lawsuit was money that she said was owed to her by Goguen: $ 40 million over four installments that the lawsuit stated were for “compensation for the sexual abuse and [a sexual] infection she contracted from him.” According to her suit, Goguen agreed to these terms, paying Baptiste a first installment of $ 10 million before refusing to make further payments.

At the time, Goguen called the allegations “horrific” and suggested Baptiste was a spurned lover, saying they’d had a “10+ year romantic relationship that ended badly.” He also filed a cross complaint alleging extortion.

Today, that cross complaint lives on, but Baptiste’s case against Goguen was just dismissed by arbitrator Read Ambler, a retired judge who served 20 years with the Santa Clara County Superior Court and who wrote in a ruling filed yesterday in San Mateo that Baptiste’s failures to undergo medical examinations doomed her case, as did her failure to produce documents necessary in the discovery process.

“The record presented further establishes that Baptiste’s’ failures were willful,” Ambler writes. “Baptiste appears to believe that the information responsive to the discovery at issue is either not relevant, or with respect to the medical examinations, not permitted by law. While Baptiste is free to believe what she wants to believe, the orders are binding on Baptiste, and her failure to comply with the orders is unacceptable.”

Baptiste doesn’t currently have legal representation, though four sets of lawyers have represented her over time.

Patricia Glaser, a high-powered attorney who took on Baptiste’s case originally (and later agreed to represent Hollywood producer Harvey Weinstein), asked to be relieved from the case five months later, citing “irreconcilable differences.” More recently, an L.A.-based couple that operates the Sherman Law Group in L.A. filed a motion to be relieved as Baptiste’s counsel, citing “irreconcilable differences and a breakdown in communication.”

Goguen’s attorneys say he will continue to pursue his counterclaims against Baptiste and looks forward to “complete vindication.”

Though Ambler never remarked on the merits or Baptiste’s claims, Goguen’s attorney Diane Doolittle further said today in a statement that: “Amber Laurel Baptiste’s sensationalized lawsuit against Silicon Valley venture capitalist Michael Goguen collapsed under the weight of its own falsehood yesterday, when a judge dismissed the case because of Baptiste’s repeated, egregious and willful misconduct. Over the course of this case, Baptiste perjured herself, concealed, destroyed and falsified key evidence, and demonstrated her contempt for the legal system by systematically violating numerous court orders.”

Baptiste could not be reached for comment.

Baptiste’s lawsuit against Goguen prompted Sequoia to part ways with him almost immediately. Later the very day that TechCrunch broke news of the suit in 2016, a Sequoia spokesman told us that while the firm understood “these allegations of serious improprieties” to be “unproven and unrelated to Sequoia” its management committee had nevertheless “decided that Mike’s departure was the appropriate course of action.”

Goguen, who sold an $ 11 million home in Atherton, Ca., in 2017, has spent much of his time in recent years at another home in Whitefish, Montana, where he has seemingly been wooing locals.

An August story about Goguen in The Missoulian about a separate case describes him as “known locally for philanthropic ventures.”

The piece dutifully continues on to note that: “Such donations have funded Montana’s Internet Crimes Against Children Task Force and a Flathead group teaching girls to code. Two Bear Air, [Goguen’s] northwestern Montana search and rescue outfit free to anyone who has needed it, has performed well over 500 missions and 400 rescues, according to executive director and chief pilot Jim Pierce. Goguen has personally completed 30 rescues, the Daily Inter Lake reported in February. The Flathead Beacon reports he was honored with the Great Whitefish Award earlier this year.”


TechCrunch

Hostinger said it has reset customer passwords as a “precautionary measure” after it detected unauthorized access to a database containing data on millions of its customers.

The breach is said to have happened on Thursday. The company said it received an alert that one of its servers was improperly accessed. Using an access token found on the server, which can give access to systems without needing a username or a password, the hacker gained further access to the company’s systems, including an API database containing customer usernames, email addresses, and scrambled passwords.

Hostinger the API database had about 14 million customers records. The company has more than 29 million customers on its books.

“We have restricted the vulnerable system, and such access is no longer available,” said Daugirdas Jankus, Hostinger’s chief marketing officer, in a blog post.

“We are in contact with the respective authorities,” said Jankus.

hostinger

An email from Hostinger explaining the data breach. (Image: supplied)

News of the breach first broke overnight. According to the company’s status page, affected customers will be contacted by email to reset their passwords.

The company also said that financial data wasn’t taken in the breach, nor was customer website files or data affected.

But one customer who contacted TechCrunch about the breach accused the company of being potentially “misleading” about the scope of the breach.

A chat log seen by TechCrunch shows a customer support representative telling the customer it was “correct” that financial data can be retrieved by the API but that the company does “not store any payment data whatsoever.” Hostinger uses multiple payment processors, the representative told the customer, but did not name them.

“They say they do not store payment details locally, but they have an API that can pull this information from the payment processor and the attacker had access to it,” said the customer.

We’ve reached out to Hostinger for more, but a spokesperson didn’t immediately comment when reached by TechCrunch.

Related stories:


TechCrunch

Another day, another massive data breach.

This time it’s the financial giant and credit card issuer Capital One, which revealed on Monday a credit file breach affecting 100 million Americans and 6 million Canadians. Consumers and small businesses affected are those who obtained one of the company’s credit cards dating back to 2005.

That includes names, addresses, phone numbers, dates of birth, self-reported income and more credit card application data — including over 140,000 Social Security numbers in the U.S., and more than a million in Canada.

The FBI already has a suspect in custody. Seattle resident and software developer Paige A. Thompson, 33, was arrested and detained pending trial. She’s been accused of stealing data by breaching a web application firewall, which was supposed to protect it.

Sound familiar? It should. Just last week, credit rating giant Equifax settled for more than $ 575 million over a date breach it had — and hid from the public for several months — two years prior.

Why should we be surprised? Equifax faced zero fallout until its eventual fine. All talk, much bluster, but otherwise little action.

Equifax’s chief executive Richard Smith “retired” before he was fired, allowing him to keep his substantial pension packet. Lawmakers grilled the company but nothing happened. An investigation launched by the former head of the Consumer Financial Protection Bureau, the governmental body responsible for protecting consumers from fraud, declined to pursue the company. The FTC took its sweet time to issue its fine — which amounted to about 20% of the company’s annual revenue for 2018. For one of the most damaging breaches to the U.S. population since the breach of classified vetting files at the Office of Personnel Management in 2015, Equifax got off lightly.

Legislatively, nothing has changed. Equifax remains as much of a “victim” in the eyes of the law as it was before — technically, but much to the ire of the millions affected who were forced to freeze their credit as a result.

Mark Warner, a Democratic senator serving Virginia, along with his colleague since turned presidential candidate Elizabeth Warren, was tough on the company, calling for it to do more to protect consumer data. With his colleagues, he called on the credit agencies to face penalties to the top brass and extortionate fines to hold the companies accountable — and to send a message to others that they can’t play fast and loose with our data again.

But Congress didn’t bite. Warner told TechCrunch at the time that there was “a failure of the company, but also of lawmakers” for not taking action.

Lo and behold, it happened again. Without a congressional intervention, Capital One is likely to face largely the same rigmarole as Equifax did.

Blame the lawmakers all you want. They had their part to play in this. But fool us twice, shame on the credit companies for not properly taking action in the first place.

The Equifax incident should have sparked a fire under the credit giants. The breach was the canary in the coal mine. We watched and waited to see what would happen as the canary’s lifeless body emerged — but, much to the American public’s chagrin, no action came of it. The companies continued on with the mentality that “it could happen to us, but probably won’t.” It was always going to happen again unless there was something to force the companies to act.

Companies continue to vacuum up our data — knowingly and otherwise — and don’t do enough to protect it. As much as we can have laws to protect consumers from this happening again, these breaches will continue so long as the companies continue to collect our data and not take their data security responsibilities seriously.

We had an opportunity to stop these kinds of breaches from happening again, yet in the two years passed we’ve barely grappled with the basic concepts of internet security. All we have to show for it is a meager fine.

Thompson faces five years in prison and a fine of up to $ 250,000.

Everyone else faces just another major intrusion into their personal lives. Not at the hands of the hacker per se, but the companies that collect our data — with our consent and often without — and take far too many liberties with it.


TechCrunch

The UK’s Information Commissioner is starting off the week with a GDPR bang: this morning, it announced that it has fined British Airways and its parent International Airlines Group (IAG) £183.39 million ($ 230 million) in connection with a data breach that took place last year that affected a whopping 500,000 customers browsing and booking tickets online. In an investigation, the ICO said that it found “that a variety of information was compromised by poor security arrangements at [BA], including log in, payment card, and travel booking details as well name and address information.”

The fine — 1.5% of BA’s total revenues for the year that ended December 31, 2018 — is the highest-ever that the ICO has levelled at a company over a data breach (previous “record holder” Facebook was fined a mere £500,000 last year by comparison).

And it is significant for another reason: it shows that data breaches can be not just just a public relations liability, destroying consumer trust in the organization, but a financial liability, too. IAG is currently seeing volatile trading in London, with shares down 1.5% at the moment.

In a statement to the market, the two leaders of IAG defended the company and said that its own investigations found that no evidence of fraudulent activity was found on accounts linked to the theft (although as you may know, data from breaches may not always be used in the place where it’s been stolen).

“We are surprised and disappointed in this initial finding from the ICO,” said Alex Cruz, British Airways chairman and chief executive. “British Airways responded quickly to a criminal act to steal customers’ data. We have found no evidence of fraud/fraudulent activity on accounts linked to the theft. We apologise to our customers for any inconvenience this event caused.”

Willie Walsh, International Airlines Group chief executive, added in his own comment that “British Airways will be making representations to the ICO in relation to the proposed fine. We intend to take all appropriate steps to defend the airline’s position vigorously, including making any necessary appeals.”

The degree to which companies are going to be held accountable for these kinds of breaches is going to be a lot more transparent going forward: the ICO’s announcement is part of a new directive to disclose the details of its fines and investigations to the public.

“People’s personal data is just that – personal,” said Information Commissioner Elizabeth Denham in a statement. “When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.”

The ICO said in a statement this morning that the fine is related to infringements of the General Data Protection Regulation (GDPR), which went into effect last year prior to the breach. More specifically, the incident involved malware on BA.com that diverted user traffic to a fraudulent site, where customer details were subsequently harvested by the malicious hackers.

BA notified the ICO of the incident in September, but the breach was believed to have first started in June. Since then, the ICO said that British Airways “has cooperated with the ICO investigation and has made improvements to its security arrangements since these events came to light.” But it should be pointed out that even before this breach, there were other examples of the company treating data protection lightly. (Now, it seems BA has learned its lesson the hard way.)

From the statement issued by IAG today, it sounds like BA will choose to try to appeal the fine and overall ruling.

While there are a lot of question marks over how the UK will interface with the rest of Europe over regulatory cases such as this one after it leaves the EU, for now it’s working in concert with the bigger group.

The ICO says it has been “lead supervisory authority on behalf of other EU Member State data protection authorities” in this case, liaising with other regulators in the process. This also means that these authorities where its residents were also affected by the breach will also have a chance to provide input on the ruling before it is completely final.


TechCrunch

Created by R the Company. Powered by SiteMuze.