Virginia, along with 34 other states, has settled a lawsuit with Phoenix, Ariz.-based Lifelock.
The states and the Federal Trade Commission charged the identity protection company with false advertising.
Virginia Attorney General Ken Cuccinelli told the Associated Press that Lifelock agreed to stop saying it protects against all types of identity theft and pay $11 million in restitution to customers, as well as another $1 million to pay for the investigation.
The company’s advertises heavily on radio, and CEO Todd Davis shares his social security number in ads. Ironically he became a victim of identity theft himself.
Wired Magazine has more on the story:
In fact, Lifelock CEO Davis was the victim of identity theft in 2007 when a thief used his widely advertised Social Security number to obtain a $500 loan in Davis’ name.
Lifelock also promised customers that sensitive data they provided the company to perform its protection services — such as their Social Security number, name and address and bank card information — would be encrypted and protected in other ways on Lifelock’s servers and accessed only by authorized employees on a need-to-know basis.
“Your documents, while in our care, will be treated as if they were cash,” the company promised.
In truth, the FTC said, until at least September 2007, the company failed to provide “reasonable and appropriate security to prevent unauthorized access to personal information stored on its corporate network” either in transit through the network, stored in a database or transmitted over the internet.
Virginia, along with 34 other states, has settled a lawsuit with Phoenix, Ariz.-based Lifelock.
The states and the Federal Trade Commission charged the identity protection company with false advertising.
Virginia Attorney General Ken Cuccinelli told the Associated Press that Lifelock agreed to stop saying it protects against all types of identity theft and pay $11 million in restitution to customers, as well as another $1 million to pay for the investigation.
The company’s advertises heavily on radio, and CEO Todd Davis shares his social security number in ads. Ironically he became a victim of identity theft himself.
Wired Magazine has more on the story:
In fact, Lifelock CEO Davis was the victim of identity theft in 2007 when a thief used his widely advertised Social Security number to obtain a $500 loan in Davis’ name.
Lifelock also promised customers that sensitive data they provided the company to perform its protection services — such as their Social Security number, name and address and bank card information — would be encrypted and protected in other ways on Lifelock’s servers and accessed only by authorized employees on a need-to-know basis.
“Your documents, while in our care, will be treated as if they were cash,” the company promised.
In truth, the FTC said, until at least September 2007, the company failed to provide “reasonable and appropriate security to prevent unauthorized access to personal information stored on its corporate network” either in transit through the network, stored in a database or transmitted over the internet.