Paul Pinkham reports on Jacksonville.com that former computer consultant Paul Jason Clifton was ordered to reimburse Blue Cross and Blue Shield of Florida for costs related to a data breach.

Yesterday a judge ordered Paul Jason Clifton to pay $580,000 for expenses related to the data breach of 27,000 employee names and Social Security numbers. In addition, Clifton will be on probation for 3 years. Prosecutors did not press for prison time, as they felt Clifton did not misuse the information that he breached.

The data breach occurred when Paul Jason Clifton emailed the data of 27,000 employees to his home in Texas last year. Clifton was a consultant for Blue Cross responsible for electronic storage. Clifton claims he accessed the data in order to compare his consultant salary to the salaries of others.

Not knowing whether the data breach was part of an identity theft scam or not, Blue Cross and Blue Shield of Florida incurred expenses for credit protection. They took the most responsible course of action. The ruling confirms that the actions taken by Blue Cross were the safest and most reasonable given the threat, and that restitution was due as a result of the breach.

Clifton will be required to pay $250/month in restitution, with the balance to be recouped after the 3-year probation period.

Hat tip to Flying Hamster ; Tags: , , , , , ,

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • Digg
  • StumbleUpon
  • Technorati