5 Companies That Dropped The Ball This Week

Cisco Live Attendee Database Gets Hacked

For a company that sells IT security products, the prospect of a security breach at one of your events is a nightmare scenario. But it appears that Cisco may have been hit with just such a breach last week at its Cisco Live event in Las Vegas.

Cisco earlier this week acknowledged that someone managed to hack into a database containing registration information on Cisco Live attendees. Cisco claims it plugged the hole immediately and that only attendee badge numbers, names, titles, company addresses and e-mail addresses were exposed.

OK, so it's not a laptop full of credit card and Social Security numbers. But it's still a black eye for Cisco, no matter how you spin it. Somewhere, Juniper security engineers are probably chuckling softly.

Apple Leaves iTunes Questions Unanswered

Apple this week banned a Vietnamese App Store "developer," apparently for using a compromised iTunes account to purchase his own creations and leave positive feedback to boost his App Store ranking.

Apple also changed its policy to require iTunes and App Store users to enter the CCV code on their credit cards when making purchases or trying to access iTunes from a new computer.

But while Apple said its iTunes servers weren't compromised and that no confidential data was exposed, it didn't address whether any actual fraud occurred, despite reports that some iTunes subscribers had authorized charges ranging from $100 to $1,400. So it’s still unclear how, exactly, the iTunes accounts in question were actually broken into. Also unclear is whether CCV codes will present enough of a barrier to fraudsters.

Apple's stance here is along the lines of "Trust us, you're secure." Sounds a bit like, "Don't hold your iPhone that way," doesn't it?

Bottom line: This isn’t the first time iTunes security has been in question; reports have been circulating for more than a year about fraudulent activity linked to compromised accounts.

Nokia Enlists Cops To Go After Blogger

Someone needs to remind Nokia about the PR disaster Apple endured when it tried to get to the bottom of the lost iPhone scandal.

Eldar Murtazin, editor-in-chief of Moscow-based mobile-review.com, somehow got hold of a prototype of Nokia's N8 smartphone and refused to hand it over to the Finnish mobile device giant. So Nokia decided to enlist the aid of enforcement authorities from Russia's Ministry of Internal Affairs. Sound familiar?

Interestingly, Murtazin gave the N8 a lackluster review, but Nokia insists that this wasn't its motivation in contacting Russian law enforcement. People often complain about government acting at the behest of private corporations, and this appears to be a case of Nokia overstepping its bounds.

But Nokia isn't Apple, as much as it would like to have Apple's balance sheet. For a company playing catch-up in the mobile industry, the timing isn't ideal.

Mass. Secretary Of State's Office Gets Security Lesson

OK, so the Massachusetts Secretary of State's office isn't a company, but it dropped the ball when an employee accidentally gave a CD-ROM containing confidential information of 139,000 state-registered investment advisers to IA Week, an investment industry publication.

In this case, the exposed data was an identity theft treasure trove: investors' names, Social Security numbers, birth dates and locations, even height, weight and hair and eye color. However, IA Week returned the CD-ROM and said it did not copy any of the data.

No harm, no foul, right? Wrong, say security experts. Although the Massachusetts Securities Division isn't sure if this was a security breach, this could have turned out badly if miscreants had got their hands on it and used it to procure fake IDs. In short, this is definitely not something that should be swept under the rug.

Facebook Pays Price For Privacy Blunders

Facebook has been acting like a bull in the china shop of privacy, and this may be having an impact on the social networking site's sign-up rate. Active users within the 18- to 44-year-old category that comprises much of Facebook's membership is down.

What gives? Could it be that Facebook has jumped the shark? Are folks upset with the idea that Facebook founder and CEO Mark Zuckerberg is only interested in one thing: their personal data?

It's impossible to tie all of these factors to the figures of a single research report, but few would argue that Facebook's popularity has taken a hit as a result of its cavalier stance on privacy.

Check out our roundup of vendors that came to win this week for a look at the companies that really brought their 'A' game.