A recent incident involving a breach of a company’s online system has resulted in an outpouring of criticism, and a new controversy.
It’s a hack, or at least a breach, of a database used to keep track of users’ online identities.
The breach, which occurred in October, resulted in the personal data of more than 10 million people, many of whom were unaware of their own identities.
Now, some are calling for the identity theft of millions more.
The hacker behind the breach, a former employee at a technology company called Vistaprint, said he intended to leak the personal information of some 4 million people and use it to make online purchases.
Vistamprint’s CEO said the breach was a response to a lack of security and privacy in the industry.
But the company’s chief financial officer, Steve Vierks, said the company was “still recovering” from the breach.
The data breach was first reported by The Wall Street Journal, but it wasn’t clear whether the hackers were related.
The FBI has since launched an investigation, and Vistafrint has said it would share any evidence it collects with law enforcement.
But privacy advocates and others have raised questions about how far Vistarpt could go in using the stolen data, and whether VistaPrint would be able to keep its promise to not disclose the data.
Vierk said he’d been told the company had been notified of the incident and had been cooperating.
“This is not the first time a data breach has impacted our business,” he said in a statement.
“As we continue to review the information disclosed, we are committed to sharing any information we have with law enforcements as soon as possible.”
Vistateprint said it was “aware” of the breach and that it was taking steps to fix it.
“Our team has identified the vulnerabilities and is working to address them, including implementing additional security measures,” the company said in an emailed statement.
But Vistahaprint said in its statement that it “does not disclose information that has been publicly disclosed in order to protect its users.”
And the company added that the information had been “released in the public domain” and it had no further comment.
A spokesperson for Vistamrint said the data breach “was a product of an external breach of the company” and that Vistaward would work with law authorities to identify the perpetrators and take appropriate action.
“We are confident that we have taken all necessary precautions to protect our users and we are currently working to identify, remove and restore all sensitive information, including personal data,” the spokesperson said.
“Vistapayrint does not publish, sell, transfer or share information that is collected from its users, unless authorized by Vistatest.
We are committed in protecting our users’ privacy.”