academicexperts

Case Scenario #2
Pat Smith is an IT Security Specialist for a large e-commerce company. As part of their job, Pat routinely scans the company’s network for security threats and vulnerabilities. One day, Pat discovered a vulnerability in the company’s network that has resulted in customer credit card data being left unencrypted and at risk. When Pat checked out the vulnerability, Pat discovered that, sure enough, they were able to see customer credit card data. Company protocol requires Pat to immediately report the security issue to the company’s Chief Information Security Officer and to take steps to protect the data. However, Pat’s been disgruntled with their employer lately and thinks it would serve the company right to get some bad press. In Pat’s opinion, the company makes million off the backs of exploited workers and Pat is tired of it. 
Instead of reporting the issue and taking actions to fix it, Pat decides to leak information about the vulnerability. Pat does not actually want any customers to lose money. Pat simply wants to create a public relations headache for the company. Pat assumes the issue can be elevated and the vulnerability patched before anything bad happens.  Instead, as it turns out, a hacker learns of the information Pat shared, accessed the network to harvest the customer credit card data, and sold it on the dark web. 
Questions for Case Scenario #2 (above):
What crime(s) has (have) been committed in this scenario? By whom? Identify and discuss the elements of the crime(s).
What tort claim(s) might an affected customer have against the company? Explain your answer, with a discussion of the elements of the tort(s) you identify.
If you are advising the company about what they can do to prevent something similar from happening in the future, what do you tell them?
Don’t forget to include a citation to your textbook (including page numbers) for the law 
you use and apply in your post.
Dynamic Business Law- textbook 
ISBN13:     9781264125906