From Techdirt comes this tale of woe:
Hacker Detection Firm... Hacked
You would think, if you're in the "unauthorized computer break-in prevention" business, that you better make damn sure that your systems are pretty well protected -- because you are absolutely going to be a target. However, on top of that, you should probably make sure that your customer records are encrypted and you don't keep information you're not supposed to -- like credit card CVV numbers. Unfortunately, it appears that Guidance Software did none of those things, and is now informing customers that their info had been stolen by hackers. In fact, Guidance didn't even notice the hack until two weeks after it happened, which doesn't bode well for its sales pitch on its new security tools targeted at law enforcement officials.
As one of the commenters at Techdirt said:
Clearly this company is going to be in business for a long time to come...
Youch! The money quote from the WaPo article:
Guidance stored customer records in unencrypted databases, and indefinitely retained customers' "card value verification" (CVV) numbers, the three-digit codes on the back of credit cards that are meant to protect against fraud in online and telephone sales, according to Colbert and the notification letter sent to customers.
Talk about a CLM (Career Limiting Move).
Yeah, except that Guidance has a near monopoly on forensic software. If you're going to be taken seriously in court, you must be EnCase certified.
As such, Guidance practically *builds* case law, and so unfortunately, they're not going anywhere.