On Monday, New York state Attorney General Eliot Spitzer announced that Datran Media, a leading e-mail marketer, has agreed to pay $1.1 million to the state for illegally sending unsolicited e-mails to more than 6 million Americans, according to a March 13 press release.The case is thought to be the “largest deliberate breach of a privacy policy discovered by U.S. law enforcement to date.”The settlement ends New York state’s case against Datran, which allegedly obtained and improperly used information garnered by several companies that legally collect such information from Web surfers, according to the release.The largest of the companies Datran bought information from, Gratis Internet, boldly stated on a number of its websites that information it collected would not be sold or passed on to interested parties. The Gratis sites include www.freeipods.com and www.freedvds.com.An investigation by the attorney general’s office found that Datran was aware of Gratis’ pledge not to sell consumers’ information, but it bought the data regardless. Datran then proceeded to use the information it collected to send spam e-mail messages, according to the attorney general. In addition to the $1.1 million it must pay in fines, Datran also must destroy all information it gathered from Gratis and the other companies; it must not purchase information on consumers until it independently determines the acquisition is legal and doesn’t violate any privacy policies; and finally, it must appoint a chief privacy officer, or another person, to handle its privacy compliance initiatives.“Companies must adhere to known privacy policies and promises,” Spitzer said in the release. “Failing to do so constitutes a clear consumer fraud.For related news coverage, read N.H. Woman Pleads Guilty in Porn Spam Case and Two Suspects Netted in Spam Sting.CSO Security Feed page for updated news coverage.Keep checking in at our Related content brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security news Gitlab fixes bug that exploited internal policies to trigger hostile pipelines It was possible for an attacker to run pipelines as an arbitrary user via scheduled security scan policies. By Shweta Sharma Sep 21, 2023 3 mins Vulnerabilities Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe