Here’s the story of a database of sensitive consumer information – names, addresses, phone numbers, email, and payment information – posted on a site frequented by (among others) hackers. It took just minutes before identity thieves tried to make unauthorized use of the information. But this tale of stolen credentials is full of surprises, including who posted the data.
Blog Posts Tagged with Data Security
It’s the thread that connects Alexandre Dumas’ The Man in the Iron Mask, the title character in The Talented Mr. Ripley, Don Draper’s back story in Mad Men – and an event scheduled for May 24, 2017, at the FTC.
It’s identity theft.
You’ve probably heard about the ransomware attack affecting organizations’ computer systems around the world. Here’s the best thing your company can do to avoid it: Update your operating system and other software. Now.
When scammers and hackers attack small businesses, it hurts not only the businesses’ reputations and bottom line, but also the integrity of the marketplace. Today, FTC Acting Chairman Maureen Ohlhausen announced a new FTC website, FTC.gov/SmallBusiness, to help business owners avoid scams, protect their computers and networks, and keep their customers’ and employees’ data safe.
It’s wise to maintain a reasonable speed: 1) when you’re behind the wheel; or 2) when you’re preparing your public comments for the June 28, 2017, workshop on connected cars hosted by the FTC and the National Highway Traffic Safety Administration. That’s why we’re extending the deadline for your feedback to Monday, May 1st.
Commercial cross-border data flows continue to grow in our internet-enabled economy. These data flows, often involving personal data, support innovative new business services and consumer products. At the same time, they raise questions of how to protect privacy across borders. Various mechanisms help both businesses and consumers with this challenge. One in which the FTC plays a key role is the EU-U.S. Privacy Shield.
In the 80s, the appropriately-named group The Cars asked the musical question, “Who’s gonna drive you home?” The FTC and the National Highway Traffic Safety Administration are hosting a workshop on June 28, 2017, to examine the consumer privacy and security implications of automated and connected motor vehicles. The questions won’t be of the musical variety, but we have a list of them and welcome your input.
Businesses often ask: “If I comply with the NIST Cybersecurity Framework, am I complying with what the FTC requires?” Maybe you read our blog explaining how the NIST Cybersecurity Framework relates to the FTC’s work on data security? Now, check out this related video featuring Andrea Arias, an attorney in the FTC’s Division of Privacy and Identity Protection.
Financial technology remains a hot topic for consumers, offering the possibilities of increased convenience and access to financial services at a lower cost. As part of its FinTech Forum series, the FTC continues to promote public discussion of the ways in which innovative FinTech services – many provided by non-banks and technology companies within the FTC’s jurisdiction – can benefit consumers and the potential issues for stakeholders to keep in mind.
Today kicks off National Consumer Protection Week, but what the FTC does to protect consumers is only part of the story. We also work hard to help small business get down to business. Here are just a few examples of what we’re doing to protect your business from deceptive practices.
When internet fraudsters mimic a legitimate business to trick consumers into giving out their personal information, it’s called phishing. It’s not just a problem for consumers, but for the companies the scammers are impersonating too. The FTC has long provided advice to consumers about steps they can take to avoid phishing scams. But what should you do if customers contact your company upset that they responded to a phishing email from a scammer impersonating your legitimate business?
Phishing emails can harm businesses whose identities are spoofed. Don’t want that to happen to your business? Read the new Staff Perspective from our Office of Technology, Businesses Can Help Stop Phishing and Protect their Brands Using Email Authentication.
To facilitate the transfer of data, many U.S. companies that do business internationally participate in the Asia-Pacific Economic Cooperation Cross-Border Privacy Rules (CBPR) system. It’s voluntary, of course, but if companies say they participate, that representation – like other objective claims – must be truthful. That’s the lesson of three proposed settlements just announced by the FTC.
We recently saw a fellow diner reach across the cafeteria soup station until splat! His phone fell out of his shirt pocket and into the minestrone. But even before he ladled out his soup-logged smartphone, he reached into his bag and took out his tablet. As consumers have come to rely on multiple devices, companies are using technologies to connect a consumer’s activity across those devices – smartphones, tablets, desktops, laptops, and more.
What’s that sound? It’s the buzz of the crowd gathering this morning for the FTC’s second PrivacyCon. Leaders from academia, advocacy groups, and industry have convened for a day devoted to the latest research and trends about consumer privacy and data security.
Thanks to the Internet of Things, consumers can easily share a photo with family or watch from the office what’s going on at home. But share a tax return with a hacker, have some creep silently gaze at the live feed from your family room, or have your personal conversations remotely recorded?
It’s a challenge worthy of Drs. Peter Venkman, Egon Spengler, and Ray Stantz – and it could result in a prize of as much as $25,000 for a creative tech tinkerer.
“Just like the white winged dove sings a song,” you can count on the BCP Business Blog to celebrate the “Edge of Seventeen” – 2017, of course – with a recap of in-case-you-missed-it developments from 2016. (Sorry, Stevie Nicks. That was a stretch.) In no particular order, here is our take on ten noteworthy consumer protection actions from the year gone by.
For academics and researchers in consumer privacy and data security, think of it as Coachella without the sand and Burning Man with nothing spontaneously combusting (we hope).
If you care about data security and privacy, you’ll want to read about the FTC’s settlement with ruby Corporation, ruby Life Inc., and ADL Media Inc. – the companies that operate AshleyMadison.com.