lystn

The guys talk about the email Nasir received about AmmoToGo.com informing customers of a security breach. They then answer the question, "Every quarter we have to take care of some corporate stuff and many of my employees are required to work on the weekend. Some of the employees have voiced complaints but can I legally do this?" Full Podcast Transcript NASIR: All right. Welcome to our podcast where we cover business in the news and answer some of your business legal questions that you, the listener, can send in to ask@legallysoundsmartbusiness.com. My name is Nasir Pasha and I’m your host for today. MATT: My name’s Matt Staub. I’m also a host for the show, I suppose, today. NASIR: For your wonderful, quick 10, 15-minute episode. Actually, the topic that we’re covering today is pretty interesting because I think this is our first, like, we’re making up our own news story I guess because I received an email from a vendor. What was it? It was ammotogo.com. MATT: You got the email but, actually, I’ll ask my question later that I have just for your specific to this email. So, you got this email. I feel weird telling this story since you’re the one that received it, but I’ll go through it. I’ll go through it then you tell me what’s right, what’s accurate. NASIR: Yeah. MATT: So, you got this email, I guess it was a security breach – I don’t know if you want to call it a security breach – but it looks like some of their customer information was sold to a third party and this is Ammo To Go. Their customer email list was sold and they were able to kind of verify that through a couple of different avenues. They basically sent the email out to, I think, only the people they believe were affected – I think they mention that in there – and they said it looks like it might have possibly been sold to Target Sports USA which I assume is related to Target the store but maybe I’m making an inaccurate assumption. NASIR: No, I don’t think so. I think it’s target like ammo and guns, but go on. MATT: Oh, yeah, that makes sense. All right. Well, scratch that! So, yeah, they said no credit card information was on there and, interestingly, they said it at about the same time they had re-launched their website and changed their security and this happened conveniently around the same time which - I don’t know – if they’re going to say that, I’ll take them for their word, but who knows if that’s accurate or not. But, yeah, they said no credit card information was taken and, as a result of their new security, they put in place that, you know, everything’s fine, they don’t expect anything in the future. They suggest changing your password if you haven’t already, especially if you use the same password on multiple websites. Like I said, they said they only sent this to the people that they believe were affected which I thought was interesting. I don’t know how you could, I guess if it happened, people that signed up afterwards? I don’t know how they’re drawing that line. NASIR: Yeah, that’s true. But what’s interesting is that one of the ways that they’ve confirmed all this is that this other Target Sports USA, they actually purchased, or this is what they believe, they purchased an email list from who they thought was Ammo To Go and, from their perspective, that didn’t happen. And so, then they started looking a little bit deeper and found out, “Okay. Wait a minute. Some of our data’s been breached and basically all the emails have been taken and now is being sold on the open market to companies like these.” So, lots of issues here but I think one of the coolest things is that – and we’ll post a screenshot of the actual email because I think – this is a very good representation as to a great way of dealing with a problem like this. I mean, a small business that is, you know, being hacked and we’ve talked about it in the past and I’m sure security experts will agree that there’s only so much things that you can do to prevent a security breach...