Connecticut Attorney General settles $500,000 data breach case with Guardian Analytics

Connecticut Attorney General William Tong announced a $500,000 settlement with Guardian Analytics, Inc. over a data breach that exposed the personal information of 157,629 Connecticut residents. The breach, which violated state privacy and consumer protection laws, was attributed to the company’s failure to maintain adequate data security measures.

The settlement requires Guardian Analytics to implement comprehensive changes to its security practices. These changes include the establishment of a robust information security program to safeguard personal data, encryption of all sensitive information, and the adoption of multi-factor authentication for user access. The company is also mandated to conduct regular risk assessments and develop an incident response plan to handle future security incidents.

Additionally, Guardian Analytics must ensure that acquired entities are thoroughly inspected for compliance with integration practices. A qualified third-party professional will be required to conduct an independent security assessment to verify the company’s adherence to these new protocols.

Attorney General Tong emphasized that the settlement underscores the importance of strong cybersecurity practices. He noted that the agreement serves as a roadmap for other companies to follow in safeguarding consumer data. "We expect businesses to take data privacy seriously, and this settlement sends a clear message," Tong stated.