Richard Chirgwin reports:
Retail coupon operator Catch-of-the-Day has escaped penalty over sitting on a data breach for three years.
The 2011 data breach was notified to the Office of the Australian Information Commissioner (OAIC) in 2014. Catch of the Day put the delay down to deciding that the hashed passwords in the compromised systems “might” be at risk of being recovered due to “technological advances”.
The privacy watchdog has now woken up and scratched out a response that it “does not intend to take any further action in relation to the incident at this time”.
Read more on The Register.