Utah Company and Its Former CEO Settle with FTC Over Alleged Security Failures

Jan 7, 2020 08:00 pm Cyber Security 316

Utah Company and Its Former CEO Settle with FTC Over Alleged Security Failures

The US Federal Trade Commission has reached a settlement with a Utah company and its former CEO over allegations that shoddy security practices led to the personal information of over a million customers' being illegally accessed in multiple hacks.





InfoTrax Systems, L.C. and its founder and former CEO Mark Rawlins allegedly failed to use reasonable, low-cost, and readily available security protections to safeguard the personal information they maintained on behalf of the company’s business clients. 





As a result of the alleged security failures, a hacker infiltrated InfoTrax’s server, along with websites maintained by the company on behalf of clients, more than 20 times from May 2014 until March 2016. 





Sensitive personal information accessed by the hacker included consumers' Social Security numbers, full names, addresses, email addresses, telephone numbers, usernames, passwords, and payment account numbers with expiration data and CVVs, according to the FTC’s complaint. None of the consumer data stored had been encrypted.





It is further alleged that the presence of the intruder inside the company's system from May 5, 2014, to March 7, 2016, was only discovered because InfoTrax began receiving alerts that one of its servers had reached maximum capacity. 





In its complaint, the FTC wrote: "The only reason Respondents received any alerts is because an intruder had created a data archive file that had grown so large that the disk ran out of space. Only then di ..

Support the originator by clicking the read the rest link below.

company former settle alleged security failures
Read The Rest from the original source
infosecurity-magazine.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!