The breach was notable because the Geeks.com site prominently displayed a "Hacker Safe" seal provided to companies by McAfee Inc. as part of its ScanAlert vulnerability scanning service. However, McAfee officials said at the time that the Hacker Safe certification — since renamed McAfee Secure — had been withdrawn from Geeks.com on multiple occasions during 2007 after scans found vulnerabilities in its systems.
To me this is shocking. Not because a supposedly secure site was compromised, but because they were improperly displaying the "Hacker Safe" seal.
Where was McAfee?
Didn't it care about its good name? I would guess that Geeks.com would have taken down the "Hacker Safe" seal if McAfee simply asked them to. I doubt even a sternly worded letter would have been necessary. Still, if it had been, there are any number of attorneys who could have written it, and who would have been happy to go to court to get the seal removed if Geeks.com wouldn't take it down otherwise. Happily, the FTC stepped up in this case. However, it's a little surprising that they were the ones who ended up doing it, rather than the private actor who one would think would have had both the incentive and opportunity to have taken action earlier.