Security News

The U.S. Federal Trade Commission wants to slap the former owner of the CafePress custom t-shirt and merchandise site with a $500,000 fine for failing to secure its users' data and attempting to cover up a significant data breach impacting millions. As the consumer protection watchdog explained, CafePress' former owner, Residual Pumpkin Entity, stored its customers' Social Security numbers and password reset answers in plain text, and their data longer than necessary.

The US Federal Trade Commission said today that Americans reported losses of more than $5.8 billion to fraud during last year, a massive total increase of over 70% compared to the losses reported in 2020. The FTC added a total of roughly 5.7 million consumer reports to its Consumer Sentinel Network secure online database in 2021.

The US Federal Trade Commission said today that it will take legal action against Voice-over-Internet Protocol service providers who do not hand over information requested during robocall investigations. The Commission charged Alcazar Networks in December 2020 with facilitating illegal telemarketing calls after it provided VoIP services to an Indian company that used "911" as the caller ID and impersonated the Social Security Administration.

The US Federal Trade Commission said that Americans reported record high losses of $547 million to romance scams in 2021, up almost 80% compared to 2020 and over six times compared to losses reported in 2017. Financial losses stemming from romance scams have skyrocketed during recent years, with a total of $1.3 billion lost over the past five years.

As revealed by the FTC, over 95,000 US consumers reported losses of roughly $770 million after getting scammed on social media platforms. "More than one in four people who reported losing money to fraud in 2021 said it started on social media with an ad, a post, or a message. In fact, the data suggest that social media was far more profitable to scammers in 2021 than any other method of reaching people." the FTC said.

The US Federal Trade Commission and Department of Justice Antitrust Division are launching a joint public inquiry as a first step to modernising merger guidelines and preventing anticompetitive deals. FTC chair Lina Khan said it was time for a merger review because the number of global deals reached in 2021 was the highest ever recorded - at a whopping $5.8 trillion - with the DoJ receiving twice the number of merger filings as in 2020.

The FTC is advising companies to consult the US Cybersecurity and Infrastructure Security Agency's guidance on dealing with the Log4j flaws. If companies fail to fix their code and lose customer data, the FTC says it may just see what a judge thinks about that.

It is critical that companies and their vendors relying on Log4j act now, in order to reduce the likelihood of harm to consumers, and to avoid FTC legal action. The FTC's brief but blunt warning makes an example of the infamous Equifax breach of 2017, where the US credit reporting behemoth was compromised via an unpatched Apache Struts vulnerability with the unassuming bug identifier CVE-2017-5638.

The Federal Trade Commission will muster its legal muscle to pursue companies and vendors that fail to protect consumer data from the risks of the Log4j vulnerabilities, it warned on Tuesday. "The FTC intends to use its full legal authority to pursue companies that fail to take reasonable steps to protect consumer data from exposure as a result of Log4j, or similar known vulnerabilities in the future," according to the warning.

The US Federal Trade Commission has warned today that it will go after any US company that fails to protect its customers' data against ongoing Log4J attacks. "The FTC intends to use its full legal authority to pursue companies that fail to take reasonable steps to protect consumer data from exposure as a result of Log4j, or similar known vulnerabilities in the future," the US government agency said.