The hits just keep coming for the identity fraud protection industry. In the past year there have been dozens of lawsuits agains companies like TJX (parent company of TJ Max, HomeGoods, etc.), Target and Experian.
Even LifeLock, a company that makes money off of companies caught in data theft cases reselling their service, has had a double whammy from the FTC. They were fined $15 million in 2010 for railing to protect consumer data and making false advertising claims regarding the extent of their protection. Last year, the FTC said the company violated the terms of the settlement and hit them with a $100 million contempt fine.
Specifically The FTC alleged that LifeLock violated four components of the 2010 order. First, from at least October 2012 through March 2014, LifeLock failed to establish and maintain a comprehensive information security program to protect users’ sensitive personal information including their social security, credit card and bank account numbers. Second, the filing alleged that during this period LifeLock falsely advertised that it protected consumers’ sensitive data with the same high-level safeguards used by financial institutions. Third, the FTC alleged that, from January 2012 through December 2014, LifeLock falsely advertised that it would send alerts “as soon as” it received any indication that a consumer may be a victim of identity theft. Finally, the FTC alleged that the company failed to abide by the order’s record-keeping requirements.
The truth is that no fraud-alert service can completely secure access to your credit file, especially since they can only protect news accounts you open not existing accounts. Despite all the marketing claims, there is no way to completely safeguard you from identity fraud.