1. Examine the legal consequences, if any, of failing to comply with an information security standard. The following set of facts applies : M&M is a UK-based retailer, with its flagship store in London and branches in large cities throughout the world, including in Los Angeles, CA and Boston, MA and Las Vegas, NV. Last week, M&M discovered that, over the last year, its customers’ credit card information and other personal data involving sales from both online purchases and in store sales in the US had been stolen, possibly involving many millions of records. The UK credit card information included the online purchases involving its own store credit cards used by over half the UK customers for the 5% discount it gives them. The hacker apparently gained access to the M&M’s system by using the log-on credentials of a 3rd-party service provider obtained somehow, likely via a phishing email. Unbeknownst to M&M, the service provider had a very basic anti-virus program in place without live updates. Thus, the installation of keylogger malware on the vendor’s system went undetected. Although M&M’s systems logs show that its own intrusion detection system issued a live alert on several occasions over the last few months, the IT people ignored them. As a result, M&M failed to detect the installation of malware onto M&M’s systems that enabled the hackers to install RAM scraping software that allowed them to read the magnetic strips on the US credit cards that its point of sale terminals still process. The hackers also accessed M&M’s database where the online transaction data was stored by means of an SQL injection attack, one of the most common ways of accessing a system via a website. M&M had been planning to test and harden its web servers sometime this year in preparation for an external certification assessment in connection with its card payment obligations. It had not gotten around to it yet. It believed that its customer data was secure since it encrypted certain columns of the database. However, it used an encryption program that, without a published 2019 patch, was readily susceptible to brute force attack. That allowed the encrypted data to be decrypted. They also had access to the cleartext data in other columns that included the customers’ email and home addresses. M&M had not installed the patch. Customers in London and all of the US cities have already called, advising that they are experiencing fraudulent charges and wondering if these could have arisen from their M&M transactions. M&M has sought your advice as to what actions it should take and what potential liabilities it may have. With regard to the above fact pattern: II. Advise M&M with respect to the US and the applicable laws and criminal and/or civil liabilities if any. please respond as professional legal counsel would. applying relevant application laws in the unitagned states or international laws.
We value our customers and so we ensure that what we do is 100% original..
At Custom Writing, we believe in exemplary services that are fully geared toward customer satisfaction. That is why we don’t shy away from giving you the following guarantees;
Trusting us with your work is the best decision you have made, our pleasure lies in seeing you satisfied at 100%. If in the rear chance it happens that you are not satisfied, then know that we will equally not be satisfied. But worry not, our 30 days- Money back guarantee is all you need and that is what we promise you..Read more
We utilize profoundly equipped and gifted writers who produce unique papers liberated from any form of plagiarism. To guarantee this, we run all papers finished by our scholars through a Plagiarism checker to ensure uniqueness and originality. In any case, on the off chance that you have vulnerabilities about the originality or falsification of any paper we have finished and conveyed to you, please get in touch with us straight away. We will quickly investigate, and if the paper is seen as counterfeited, we will take suitable actions including but not limited to, revising the paper for free and in extreme cases we will activate the money back guarantee.Read more
We have an obligation deliver great and specially composed assignments. Our revision strategy endeavors to ensure total client satisfaction, comfort, and a genuine feelings of serenity. We make minor updates and corrections to the underlying request as part of our continuous assistance. However, revisions should just incorporate changes and alterations that were not effectively met, in the underlying request and that are inside the rules as per the current request structure..Read more
Our client's Data is an Integral part of our business but clearly, we are not in the business of offering our clients' very own data to others. We realize that you care how your online data is utilized and shared, we equally value your trust that we will do so cautiously and sensibly. We Promise to ensure the security of your own data during transmission by utilizing encryption conventions and programming. Likewise assist us with securing your information by not sharing your passwords and usernames.Read more
In submitting a request with us, you consent to the services we give. We will strive to take the necessary steps to convey a far reaching paper according to your prerequisites. Equally we depend on your cooperation to guarantee that we convey on this order.Read more