Online bingo's big business in the UK, but players of Foxy Bingo got a bit more risk than they bargained for. Personal data, including names and addresses, of over 65,000 Foxy players was recently put up for sale having been stolen in 2008.
The Information Commissioner's Office reports that a one Mr. Marc Ben-Ezra was found guilty of three breaches of the Data Protection Act. Ben-Ezra tried to sell off the names, addresses, telephone numbers and usernames of the 65,000 bingo players, sending out sample details of 400 people apiece in an effort to entice buyers.
The ICO tracked him down through his email account, which was registered to the business address of his Father-in-Law. Considering he was profiteering out of other people's personal information, it's startling to think he's going to get away without any serious punishment. He was handed down a conditional discharge of three years, which basically means he receives no punishment, other than a damages fine of £1,700 and a costs charge of £830.80, as long as he doesn't commit a further offense within three years.
As the Information Commissioner Christopher Graham put it:
"We still don’t have a punishment that fits the crime. The ICO continues to push for the government to activate the 2008 legislation that would allow courts to consider other penalties like community service orders or the threat of prison.”
Moral of the tale? Be careful who you give your information too, and if you're caught trying to sell others' details, nothing much happens to you in the UK. [Sophos]