Customers who hired the infamous ID theft-protection firm Lifelock to monitor their identities after their data was stolen in a breach were in for a surprise. It turns out Lifelock failed to properly secure their data.
According to a complaint filed in court today by the Federal Trade Commission, Lifelock has failed to adhere to a 2010 order and settlement that required the company to establish and maintain a comprehensive security program to protect sensitive personal data users entrust to the company as part of its identity-theft protection service.
This is ironic, of course, because Lifelock promotes its services to companies that experience data breaches and urges them to offer a complimentary Lifelock subscription to people whose data has been compromised in a breach. To properly monitor victims' credit accounts to protect them against ID theft, Lifelock requires a wealth of sensitive data, including names and addresses, birth dates, Social Security numbers, and bank card information.
...
But it turned out that none of that data was encrypted. The company also had poor password management practices for employees and vendors who accessed the information, and Lifelock failed to limit access to sensitive data to only people who needed access.What's more, the company failed to apply critical security patches and updates to its network and "failed to employ sufficient measures" to detect and prevent unauthorized access to its network, "such as by installing antivirus or antispyware programs on computers used by employees to remotely access the network or regularly recording and reviewing activity on the network," the FTC found.
(Score: 1) by Absolutely.Geek on Thursday July 23 2015, @09:02PM
I have to disagree; the company proports itself as a premium service offering a very specific product. They play on peoples fears and make bold claims.
Most people don't understand HOW technology works; thus they trust people that do. To most people programmers / sys admins / general computer geeks are modern day wizards; give your data to someone who is "good" at protecting it thus it will be safe.
I always feel sorry for the 80 year old lady that gets scammed out of her life savings; because the scammers usually play on her fears of being old and infirm; not understanding the modern world etc... It is not her fault any more then it is the fault of the people / companies that got duped here. You Mr/s AC are a cock.
Also your assertion that you data is more protected by being spread wider.....that may seem likely; but in practice I doubt it is true.
Don't trust the police or the government - Shihad: My mind's sedate.