According to the Federal Trade Commission, the privacy-protecting firm Lifelock has failed to adhere to the terms of a 2010 settlement to improve its ability to protect personal data. Wired:
…the FTC found in 2010 that the company had failed to provide “reasonable and appropriate security to prevent unauthorized access to personal information stored on its corporate network,” either in transit through its network, stored in a database, or transmitted over the internet.
Lifelock had been ordered to remedy that situation, but according to the complaint filed today, it has failed to do so. The complaint is currently sealed, but the previous finding from 2010 provides insight into the company’s security failures.
Lifelock promised to maintain fraud alerts on your cards and other lines of credit, monitoring the three credit reporting agencies for shenanigans. The idea was to prevent ID theft and other crimes related to this personal data.
Unfortunately for Lifelock, its customers, and a CEO whose identity was stolen by a troll who took out a $500 loan in his name, it’s been quite the shitshow since the beginning.