Lifelock, an identity theft monitoring and fraud detection company, has agreed to pay $100 million to settle charges raised by the Federal Trade Commission (FTC), for its failure to secure customers’ personal data.
The Tempe, Arizona-based firm was found to have violated a 2010 court order that required it to protect customers’ personal information. Lifelock was also accused of falsely advertising that it secured sensitive data including social security, credit and bank account numbers, using the same high-level measures as banks.
LifeLock was fined $12 million in 2010 its misleading ads, which claimed that the company would protect customers from identity theft for only $10 a month — but the FTC noted that LifeLock only put fraud alerts on its customers’ credit files and didn’t prevent the use of their personal information by scammers to secure loans or apply for jobs.
In addition, one of the company’s ads featured CEO Todd Davis proudly displaying his social security number to show how confident he was that he’d be protected by LifeLock. His identity was reportedly stolen 13 times.
Last May, LifeLock’s Wallet app was pulled from app stores over security concerns. Wallet allowed users to store credit card information, access codes and the like; the company shuttered the app temporarily as it found that not all of its measures to protect user data were up to code.
However, in a statement, LifeLock claimed that the FTC’s charges are out of date:
The allegations raised by the FTC are related to advertisements that we no longer run and policies that are no longer in place. The settlement does not require us to change any of our current products or practices. Furthermore, there is no evidence that LifeLock has ever had any of its customers’ data stolen, and the FTC did not allege otherwise.
➤ LifeLock to Pay $100 Million to Consumers to Settle FTC Charges it Violated 2010 Order [Federal Trade Commission via Reuters]