A financial penalty of $3,000 was imposed on Smiling Orchid for failing to make reasonable security arrangements to prevent unauthorised access of its customers’ personal data on its website, whereby users could access other customers’ personal data by altering the URL of its order preview webpage. Smiling Orchid was also issued directions to conduct a security audit and to patch all identified vulnerabilities on its website.

Click here to find out more.