Games developer Rockyou fined $250K for not securely storing customer data

Filed Under: Data loss, Law & order, Privacy, Social networks

rockyou faces FTC finesBack in late 2009, Rockyou, an online games developer, suffered a serious SQL injection flaw on its flagship website.

What made it cringe-worthy is that they left user details in plain text.

A whopping 32 million login details, including those of minors, were stolen and published on the web.

They have just been fined $250,000 USD by the Federal Trade Commission (FTC) for being too careless with customer data, accounting for an estimated 0.2% of their valuation, according to Crunchbase.

Let's be honest, the fine isn't going to make a noticeable dent in their financial armour. Seems to me the equivalent of a light public wrist slap. One cannot help but wonder how much it cost the FTC to gather the information required to issue the fine....

Rockyou CEO Lisa Marino seems rather pleased with the outcome. In SC Magazine, she is quoted as saying

RockYou is pleased to reach a settlement and gratified to put this matter behind us. We appreciate the work the FTC has done in this process as they have been fair, reasonable and timely throughout.

But since the breach, Rockyou hasn't been exactly sailing on smooth waters. It faced two rounds of "restructuring" where employees were laid off. TechCrunch also reported that its main competitor, Slide, was bought by Google for the tidy sum of $228M USD in October 2010.

So, what can the rest of us learn from all this?

Idea - light bulb drawingOne, if you collect user information, for the love of all that is good in the world, safeguard it well. So if someone does break in, they cannot access the data.

Second, and this is for every single computer user: choose good passwords. Listen to this podcast and watch this video for tips and tricks to help you.

These are the kind of passwords you definitely want to avoid. As we reported at the time, Imperva's 2010 report analysed the 32 million passwords that were exposed in the Rockyou.com breach.

Here are the top 10 passwords that RockYou users had chosen:

  1. 123456
  2. 12345
  3. 123456789
  4. Password
  5. iloveyou
  6. princess
  7. rockyou
  8. 1234567
  9. 12345678
  10. abc123

Please choose much better ones than these passwords for your own online accounts.

Image of idea light bulb, courtesy of ShutterStock

, , , , , , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Hi. I am a social, brand and communications expert with 10 years in senior roles in the tech space. I'm currently Sophos' s Global Director of Social Media and Communities. Proudest work achievement? Creating and launching award-winning Naked Security. Outside work, I am a mean cook, an avid reader, a chronic insomniac, a podcast obsessive and blogger .