A.G. Schneiderman Announces Settlement With Computer Manufacturer After Data Breach Exposed More Than 35,000 Credit Card Numbers

Acer Service Corporation Must Pay $115,000 In Penalties And Reform Data Security Practices

    Attorney General Eric T. Schneiderman today announced a settlement with Acer Service Corporation (“Acer”), a computer manufacturer based in Taiwan, after a data breach of its website exposed over 35,000 credit card numbers.  An investigation by the A.G.’s office  revealed that sensitive Acer customer information was not protected by Acer for almost a full calendar year. Acer has agreed to pay $115,000 in penalties and to shore up its data security practices.

“Businesses have a duty to protect their customers’ personal information as securely as possible,” said Attorney General Schneiderman. “Lax security practices like those we uncovered at Acer put New Yorkers’ credit card information and other personal data at serious risk. That’s unacceptable, and will change under the terms of our settlement today. My office will continue to hold businesses accountable for protecting their customers’ private information.”

Acer manufactures computers and other electronics and sells them through various channels including through its website http://us-store.acer.com (“acer.com”).  In January 2016, Discover Card analyzed hundreds of fraudulent credit card transactions on the website and determined that Acer was the last merchant where a legitimate transaction took place.  This is known as a “common point of purchase” and indicates that Acer was the target of a cyber-attack resulting in a compromise of credit card information. 

The subsequent investigation revealed that at least one attacker exploited Acer website vulnerabilities to view and ex-filtrate sensitive customer data. Between November 11, 2015 and April 28, 2016, the attacker(s) made hundreds of electronic requests for customer data.  In all, sensitive data related to 35,071 people, including 2,250 New York residents, was stolen. 

Acer’s website contained numerous vulnerabilities. For example, between July 4, 2015 and April 28, 2016, an Acer employee enabled debugging mode on Acer’s e-commerce platform.  Debugging mode is a setting that stores all data transferred through a website into a log file in plain text format to troubleshoot the website prior to launch, or otherwise when it is offline and not processing customer transactions.

During this time, the website saved all the information provided by the customers in unencrypted plain text form to a log file.  This information included first and last name; credit card number, expiration date and verification number (CVN); website user name and password; email address; and street address including city, state and zip code.

Additionally, Acer misconfigured its website to allow directory browsing by unauthorized users.  This misconfiguration allowed the attacker(s) to view and access subdirectories on the website using a simple web browser.

As a result of the security vulnerabilities described above, significant amounts of sensitive Acer customer information was not protected for almost a full calendar year.

The settlement requires Acer to maintain reasonable security policies designed to protect consumer personal information including:

1. Designation of an employee(s) to coordinate and supervise its program designed to protect the privacy and security of personal information;
2. Designation of an employee(s) to be notified whenever any personal information is saved to, or stored on, Acer’s file system in unencrypted form;
3. Annual employee training to at a minimum inform employees who are responsible for handling personal information about data security, the importance of consumer privacy and their duty to help maintain its integrity;
4. Responding to events involving unauthorized acquisition, access, use or disclosure of personal information including training all staff who are responsible for inputting, entering, maintaining, storing or transferring personal information on data breach notification law;
5. Identifying material risks to the security and confidentiality of personal information that are reasonably likely to result in the unauthorized disclosure, misuse, copying, alteration, destruction, or other compromise of such information, including through the regular review of security industry news sources for newly identified security vulnerabilities;
6. Designing and implementing reasonable safeguards to control the risks identified through risk assessment, including use of multi-factor authentication for remote access to Acer computer systems; implementation of an intrusion detection system; and penetration testing (at least annually) and vulnerability assessments (at least quarterly);
7. Regular testing of the effectiveness of the safeguards’ key controls, systems, and procedures; and
8. Developing and using reasonable steps to select and retain service providers capable of maintaining security practices consistent with the agreement and requiring service providers by contract to implement and maintain appropriate safeguards.

Acer has also agreed to maintain the data security standards required by the credit card industry.

Statement from Comptroller Scott M. Stringer on the Department of Investigation’s ACS Report

“We, as a city, are defined by how we treat our kids. We aren’t living in a fair city when my kids come home to a safe household every night while thousands of others, in the greatest city on the planet, are living in some of the most deplorable, dangerous conditions imaginable.

“Through our audits and investigations, we have uncovered ACS has repeatedly violated its own requirements on how it investigates allegations of abuse and neglect. In even the most serious “high priority” cases, we have found that ACS hasn’t completed the necessary number of supervisor or manager reviews required by its own rules.  We’ve discovered poor oversight and ineffective management. Yet, the agency has vehemently resisted calls for change.

“At ACS, tragic failures are known; major successes are not. Let there be no doubt that this is likely the toughest job in government. But report after report shows there are persistent problems at this agency. Today’s DOI investigation, once again, validates the concerns voiced by many regarding ACS. This should be — and must be — a wake-up call. It’s time to face the facts. ACS and City government must come to the realization that the agency needs a dramatic overhaul. There are systemic challenges placing children at risk, and we have a moral obligation not just as government officials, but as New Yorkers, to fix them. The stakes are simply too high.”

Statement from City Comptroller Scott M. Stringer on the Mayor’s Preliminary Budget

“The uncertainty surrounding future policy decisions by the Trump administration and the Republican Congress presents real risks to our City budget. My office conducted an analysis outlining potential Federal cuts—and I’m concerned many critical areas could be affected. From affordable housing to programs that support at-risk children, our social safety net could be fundamentally changed by backwards policies from Washington. We believe that whatever the White House and the Republican Congress do, our City must protect its most vulnerable residents.

“Over the coming months, we must enact a budget that secures the safety net, prepares our children for the future, and helps our city compete in a 21st century economy.  We also must be smart about spending in good times so we are prepared for when tougher times arrive. I look forward to working with the Mayor and the City Council to ensure we have a budget that accomplishes these goals and gives every New Yorker a fair shot to make it here. My office is currently reviewing the preliminary budget and will release a comprehensive analysis in the coming weeks.”

Comptroller Stringer previously released an analysis of how federal aid to New York City, which often impacts New Yorkers who need support most, could be at risk under the Trump Administration and the Republican Congress.

It's Not Every Day You Get to See This - Remnants of the Old Drive Ins

  This 1961 Cadillac Sedan De Ville Complete with its famous tail fins in excellent shape is a vision from the 1960's, especially since it is parked in front of 'Yo Burger" a well known Burger place just like the old drive ins.  The owner went in for a delicious burger, fries, and soda. The only thing missing is the waitress on roller skates.

Another Television Shoot in Riverdale

   Last week scenes the television show Madame Secretary were filmed in the North Riverdale area around the Skyview Towers. This week in the Skyview Shopping Center the television shoe the Blacklist was filming as you see in the photos below, The Riverdale area of the Bronx has been a favorite place to film with its scenic views and historic estates. Past shows which have filmed in Riverdale include Law and Order, Law and Order SVU, Smash, and many others. 

Above - Several parking spaces are taken up by film equipment.

Below - The Riverdale Pharmacy in the Skyview Shopping Center was a closed set as filming took place. One woman watching what was going on remarked 'That is my pharmacy".

When filming was done the curtain came down and the pharmacy returned to regular business.

FREE RAT ACADEMY: RESIDENTS LEARN HOW TO RID NEIGHBORHOODS OF CITY’S MOST PESKY RODENT

  Senator Jeff Klein, along with Assemblyman Jeffrey Dinowitz, and Councilman Andrew Cohen,  sponsored a special city Department of Health workshop Thursday night at Van Cortlandt Jewish Senior Center that offered safe and effective methods for rat prevention to community members.

The unique class was organized after residents voiced their concerns over numerous rat disturbances in the area, including on Stevenson Place, just a block away from where the Rat Academy was held. The rodents are attracted to the retaining wall on that street, which provides a good place for them to burrow, a DOH representative explained at the class. Other locations visited and occupied by rats could be found online at www.nyc.gov/rats. The DOH encouraged the participants to visit the website’s “Rat Information Portal” to learn where the animals are active in their neighborhood.  

“It’s time to tackle our rat problem head on by educating everyone about the best ways to keep these rodents away from our homes and neighborhoods. I’m thrilled to have co-sponsored a Free Rat Academy with Assemblyman Jeffrey Dinowitz and Council Member Cohen. Rats don’t belong in our houses, apartments, or backyards. The city Department of Health is well versed in rat prevention and I’m thankful they offered free training to our community members,” said Senator Klein.     

“I am pleased to partner with my colleagues Senator Klein and Council Member Cohen in order to address this problem. Rats are here, there’s no ignoring it, but they aren’t welcome to stay and they don’t have to. We can drastically reduce rat populations and keep our homes clean by educating ourselves and following simple rules that can prevent rats from infesting buildings and houses. If everyone learns about what they can do to protect themselves and their garbage from rats, we can get these rodents out of our neighborhoods,” said Assemblyman Dinowitz.

“I am pleased to be co-sponsoring a Rat Academy in my Council District, with the New York City Health Department and fellow elected officials.  Rats are a huge public health hazard, particularly if they enter the buildings where we live and work.  The Health Department has great expertise in how to keep rodents out of buildings.   Rat Academy is an opportunity for them to share that knowledge with tenants and buildings managers in my district, so we can all be partners in improving the quality of life in our community,” said Council Member Cohen.

The DOH provided tips and pointers on how to prevent an infestation, as well as how to best manage an existing rat problem during the two hour workshop. Removing potential food, water and shelter sources is a simple solution  to combat the four-legged critters. A DOH representative also encouraged the community members to not feed pigeons or feral cats, as these food sources also attract rats.

The city agency sent the audience home with free rodent-resistant garbage cans. During the Rat Academy, the DOH highlighted how garbage is a major attraction to rats. The rodents usually burrow and live within close proximity to waste.  Because of this, the participants were told to make sure their garbage is always 100 percent contained.

Wave Hill Events Feb 10–Feb 17

Time Out New York readers recently voted Wave Hill their most loved cultural venue, and that makes us especially happy to welcome all our valentines this year. May we recommend combining our blissfully peaceful oasis with the activity of your choice: Brush up on the language of flowers, heart the manatee at a family card-making project, decorate your own cookies, and cap the visit off with a browse in the Shop for sweet gifts—and take advantage of a sale on some of our most handsome jewelry.

The second speaker in our horticultural lecture series for 2017, David Fried, has some passions of his own, namely getting us all into growing organic fruit and nut trees. Some tickets are still available for this lively and engaging talk!

SAT, FEBRUARY 11    FAMILY ART PROJECT: HEARTS FOR FLOWERS, LOVE FOR MANATEES

As we look ahead to Valentine’s Day, let’s spread the love like the petals of a bursting flower. Layer an abundance of hearts in circular formations to create joyful and rapturous flowery cards and gifts. Today, we also give some love to the majestic manatees. Their populations at record lows, these wonderful “sea cows” need our support. Hear touching tales about these marine creatures and make a stuffed-manatee valentine gift or card.  Free, and admission to the grounds is free until noon. Valentine’s Weekend event.

WAVE HILL HOUSE, 10AM‒1PM

SAT, FEBRUARY 11   VALENTINE’S DAY IN THE SHOP

With Valentine's Day in mind, The Shop at Wave Hill is opening its cases of quality jewelry to a 30% off sale on a wide selection. Combine a browse with a quiet walk through the gardens for a perfect winter outing. The sale continues through Valentine’s Day, February 14. Purchases over $100 in The Shop on Valentine’s Weekend receive a gift of chocolate!

PERKINS VISITOR CENTER, 10AM–4PM

SAT, FEBRUARY 11    GARDEN & CONSERVATORY HIGHLIGHTS WALK

Join us for an hour-long tour of seasonal garden highlights. Free, and admission to the grounds is free until noon.

MEET AT PERKINS VISITOR CENTER, 11AM

SAT, FEBRUARY 11    LANGUAGE OF FLOWERS DROP-IN TOUR

Stop by the Marco Polo Stufano Conservatory for a drop-in tour of the fragrant plants currently in bloom and learn the language of flowers. Free with admission to the grounds.

MARCO POLO STUFANO CONSERVATORY, NOON–2PM

SAT, FEBRUARY 11    WINTER WORKSPACE SESSION 1 OPEN HOUSE

This winter, Glyndor Gallery is transformed again into studio spaces for artists to develop new work and offer opportunities for public interaction in the context of the garden. Individual artists share their studio practice with the public on this open studio day. This year’s Session 1artists are Dahlia Elsayed, Rosemarie Fiore, Crystal Gregory, Yeon Jin Kim, Summer McCorkle and Anne Percoco & Ellie Irons. Free with admission to the grounds.

GLYNDOR GALLERY, NOON‒3:30PM

SAT, FEBRUARY 11    HEARTS AND FLOWERS COOKIE DECORATING WORKSHOP 

Roses are red, violets are blue, cookies are colorful, and sprinkles are, too! Bring your sweethearts to Wave Hill this Valentine’s Day for a special cookie decorating event. Use sanding sugars, cookie icing and a variety of sprinkles to design your own cookies. Fill a box with your creations to show that certain someone how much you love them. Perfect for families and crafty visitors of all ages. $20/$10 Wave Hill Member per project. No registration required for this drop-in workshop. Valentine’s Weekend event.

ARMOR HALL, 12‒2PM

SUN, FEBRUARY 12    WINTER BIRDING

The Hudson River Valley hosts an impressive diversity of bird species, even during the winter months. Explore Wave Hill’s tranquil gardens and woodlands with naturalist Gabriel Willow to observe birds in their winter habitats. Birders of all levels welcome. Ages 10 and older welcome with an adult. Severe weather cancels. Free with admission to the grounds. NYC Audubon members enjoy two-for-one admission to the grounds.

MEET AT PERKINS VISITOR CENTER, 9:30AM

SUN, FEBRUARY 12    FAMILY ART PROJECT: HEARTS FOR FLOWERS, LOVE FOR MANATEES

As we look ahead to Valentine’s Day, let’s spread the love like the petals of a bursting flower. Layer an abundance of hearts in circular formations to create joyful and rapturous flowery cards and gifts. Today, we also give some love to the majestic manatees. Their populations at record lows, these wonderful “sea cows” need our support. Hear touching tales about these marine creatures and make a stuffed-manatee valentine gift or card.  Free with admission to the grounds.Valentine’s Weekend event.

WAVE HILL HOUSE, 10AM‒1PM

SUN, FEBRUARY 12   VALENTINE’S DAY IN THE SHOP

With Valentine's Day in mind, The Shop at Wave Hill is opening its cases of quality jewelry to a 30% off sale on a wide selection. Combine a browse with a quiet walk through the gardens for a perfect winter outing. The sale continues through Valentine’s Day, February 14. Purchases over $100 in The Shop on Valentine’s Weekend receive a gift of chocolate!

PERKINS VISITOR CENTER, 10AM–4PM

SUN, FEBRUARY 12    HEARTS AND FLOWERS COOKIE DECORATING WORKSHOP 

Roses are red, violets are blue, cookies are colorful, and sprinkles are, too! Bring your sweethearts to Wave Hill this Valentine’s Day for a special cookie decorating event. Use sanding sugars, cookie icing and a variety of sprinkles to design your own cookies. Fill a box with your creations to show that certain someone how much you love them. Perfect for families and crafty visitors of all ages. $20/$10 Wave Hill Member per project. No registration required for this drop-in workshop. Valentine’s Weekend event.

ARMOR HALL, 12‒2PM

SUN, FEBRUARY 12    FAMILY NATURE WALK

Join naturalist and educator Gabriel Willow on a family-friendly walk through the gardens or woodlands. Ages six and older welcome with an adult. Severe weather cancels. Free with admission to the grounds.

MEET AT WAVE HILL HOUSE, 12:30PM

SUN, FEBRUARY 12    GARDEN & CONSERVATORY HIGHLIGHTS WALK

Join us for an hour-long tour of seasonal garden highlights. Free with admission to the grounds.

MEET AT PERKINS VISITOR CENTER, 2PM

MON, FEBRUARY 13    

Closed to the public

TUE, FEBRUARY 14   VALENTINE’S DAY IN THE SHOP

With Valentine's Day in mind, The Shop at Wave Hill is opening its cases of quality jewelry to a 30% off sale on a wide selection. Combine a browse with a quiet walk through the gardens for a perfect winter outing. The sale end today. 

PERKINS VISITOR CENTER, 10AM–4PM

WED, FEBRUARY 15    FRUITS YOU ONLY DREAMED YOU COULD GROW—A HORTICULTURAL LECTURE BY DAVID FRIED

Every yard and patio can be a small universe of edibles. Flowering, ripening, with exotic aromas and splashes of color, nothing inspires and satisfies like your own home fruit grove. Described as a pioneer in propagating and nurturing certified organic fruit and nut trees, David Fried founded Elmore Roots Nursery—in Vermont just south of the Canadian border—more than 30 years ago. Elmore Roots is a small farm that grows apples, plums, northern kiwis and pears, as well as black walnut and hazelnut and other nut trees. Wave Hill’s annual horticultural lecture series is held at the New York School of Interior Design. Three-lecture series: $60/$50 Wave Hill Member or student. Individual tickets: $25/$20 Wave Hill Member or student. Seating is limited, and advanced reservations are recommended, online at wavehill.org beginning November 16. The last lecture of the series takes place on March 15, when Jack Staub will speak about Hortulus Farm.

NEW YORK SCHOOL OF INTERIOR DESIGN, 6‒7:30PM

A 28-acre public garden and cultural center overlooking the Hudson River  and Palisades, Wave Hill’s mission is to celebrate the artistry and legacy of its gardens and landscape, to preserve its magnificent views, and to explore human connections to the natural world through programs in horticulture, education and the arts.

HOURS  Open all year, Tuesday through Sunday and many major holidays: 9AM–4:30PM.  Closes 5:30PM, March 15–October 31.

ADMISSION  $8 adults, $4 students and seniors 65+, $2 children 6–18. Free Saturday and Tuesday mornings until noon. Free to Wave Hill Members and children under 6.

PROGRAM FEES  Programs are free with admission to the grounds unless otherwise noted.

Visitors to Wave Hill can take advantage of Metro-North’s one-day getaway offer. Purchase a discount round-trip rail far and discount admission to the gardens. More at http://mta.info/mnr/html/getaways/outbound_wavehill.htm

DIRECTIONS – Getting here is easy! Located only 30 minutes from midtown Manhattan, Wave Hill’s free shuttle van transports you to and from our front gate and Metro-North’s Riverdale station, as well as the W. 242nd Street stop on the #1 subway line. Limited onsite parking is available for $8 per vehicle. Free offsite parking is available nearby with continuous, complimentary shuttle service to and from the offsite lot and our front gate. Complete directions and shuttle bus schedule at www.wavehill.org/visit/.

Information at 718.549.3200. On the web at www.wavehill.org.

VISION ZERO: MAYOR DE BLASIO PROPOSED BUDGET INVESTS IN MORE CROSSING GUARDS AND STREET SAFETY REDESIGNS

With safest-ever year in 2016, New York City's FY18 budget will accelerate street redesigns and increase Vision Zero traffic enforcement -- dedicating an additional $400 million over next five years

  Mayor Bill de Blasio today announced that the proposed New York City budget for Fiscal Year 2018 would include an unprecedented commitment to Vision Zero, his signature program to reduce traffic injuries and fatalities. The budget will expand the City’s five-year commitment to traffic safety to $1.6 billion, dedicating over $400 million in new resources for street redesign, street markings, lighting and other engineering improvements, while increasing the number of NYPD crossing guards and increasing capacity of the NYPD to crack down on dangerous driving.  The Mayor made his announcement in front of the Barclays Center in Brooklyn, at the intersection of Atlantic and Flatbush Avenues, which will be among DOT’s targets for major safety improvements in 2017.  He was joined at the announcement by Doren Johnson, a 16-year old LaGuardia High School student injured in a crash at this location two years ago.

"With three straight years of declining traffic fatalities in New York City that are strongly countering national trends, Vision Zero has already made a difference in saving lives," said Mayor Bill de Blasio. "But we have said that we must always do more. Our proposed budget will allow us to keep kids safe around our schools and expand DOT's most effective efforts to make our streets even safer."

"As we further expand our commitment to Vision Zero, New York City has bucked national trends around traffic safety," said DOT Commissioner Polly Trottenberg. "With this new budget, we thank Mayor de Blasio for his continued strong leadership to continue that momentum in advancing the cause of safe streets. After three years of record progress on street redesign, we look forward to fulfilling the Mayor's charge to do even more."

"New York City continues to lead the way on Traffic Safety,” said Chief Thomas M. Chan. “With a strong foundation already in place, the Mayor’s new budget will build upon this by providing local precincts with additional state-of-the-art equipment for speed enforcement which is critical to the success of the Vision Zero initiative. The addition of School Crossing Guards and supervisors will help to ensure full coverage on the existing School Crossing Guard Posts; providing safe passage to and from school for our children. The Mayor’s budget strengthens the Police Department’s position in pursuit of Vision Zero.”

  

Vision Zero highlights from the FY18 Preliminary Budget include:

·         Ensure School Crossing Guards at Every Post (FY17 $5.4M, FY18 $6.3M, FY19 $6.7M, FY20 and out $7.2M) Hire 100 full-time School Crossing Guard supervisors and 200 additional part-time School Crossing Guards to ensure 100 percent coverage at all school crossing posts citywide and create a mobile replacement squad to prevent empty posts from absence. While crossing posts are currently covered at near 100 percent rates by using Traffic Enforcement Agents and occasionally police officers, this funding ensures full coverage by crossing guards, allowing these agents and officers to be redeployed to other duties, including enforcement against dangerous driving.

·         Expanded Vision Zero Capital Funding for Major Street Safety Reconstruction. (FY18-FY23 $317M) DOT capital street projects are major street construction projects that often include full reconstruction of the roadbed, sidewalks and underlying infrastructure. These projects can completely realign complex intersections or provide permanent safety improvements like raised medians, while enhancing the livability of communities. These dollars represent a major long-term commitment to building out safer corridors and intersections for years to come. 

·         Faster Replacement and Refurbishment of Street Markings and Safer Crosswalks Citywide. (FY17 $7M, FY18 $12M, FY19 $15M, FY20 $17M, FY21 $19M) Street markings are now updated on a replacement cycle that on average is over 6 years -- which has sometimes led to faded markings late in the cycle.  New funding will provide for a new 4.5-year replacement cycle for existing markings, and also support the addition of 15 million linear feet of new markings per year for wider deployment of safer street designs.  With this change, DOT will make the high-visibility “piano-key” crosswalk the standard crosswalk citywide.

·         Intersection Upgrades Along Bike Lane Network for Safer Cycling. (FY 17 $245K, FY18 $690K, FY19 $649K, FY20-21 $607K) This funding will enable a new program dedicated to targeted safety enhancements and upgrades at key intersections within the bike network.  Nearly 90 percent of fatalities and severe injuries to cyclists occur at intersections and about 20 intersections will be improved per year.

·         Quick-Install Left-Turn Calming Measures at Hundreds of Intersections. (FY18 $325K, FY19-FY21 $275K) In 2016, DOT published an analysis, Don't Cut Corners, which revealed that left turns are three times as likely to cause serious pedestrian crashes as right turns.  In response, DOT developed new treatments to calm left turns and installed them at over 100 intersections. This new funding will help DOT install and maintain the treatments at about 100 other high-risk intersections per year.  

·         Increase the Number of Enhanced Pedestrian Crossings. (FY17 $66K, FY18-21 $242K) Improve safety and accessibility of intersections that are not suitable for traffic signals or stop signs. This new program combines elements including high-visibility marked crosswalks, ADA-compliant pedestrian ramps and crossing signs, and will allow DOT to study up to 100 intersections for the treatment each year.

·         Brighter Lighting at 1,000 High-Risk Intersections. (FY18 $636K, FY19-21 $566K).  Only 13 percent of pedestrian travel occurs during darkness, but approximately 40 percent of pedestrian fatalities occur during this time. In order to reduce the risk DOT will boost lighting at approximately 1,000 intersections across the City by adding additional lights over crosswalks, doubling the number of lighting upgrades DOT has performed since 2013.

·         Increased Speed Detection and Traffic Enforcement Tools for Every NYPD Precinct. (FY18 $550K) This new money will allow the purchase of 120 handheld laser speed detection guns to be deployed to the local precincts – increasing the speed detection equipment at the precinct level by 50 percent. Each precinct currently has two speed detection guns. This will provide a third for each precinct, as well as spares to mitigate equipment downtime, and 15 vehicle mounted lasers for the Highway District.