If everyday consumers cannot trust their paid “identity theft” protection service to automatically alert them when someone tries to steal their identity, then, what steps must they take to ensure their personal financial data isn’t stolen by cyber thieves?
In today’s world, the massive amounts of hacking and security breaches are a 24-7 reality. So, to repeat, who can you really trust with your personal identity and financial information?
“I trust Lifelock,” said world-renowned conservative radio talk show host Rush Limbaugh, at the time in 2015, about his big-spending advertiser.
But there may be a problem with Lifelock’s guaranteed promise of personal data protection because the data of millions of customers, government officials reported, apparently weren’t ironclad protected, as advertised by Lifelock’s commercials that reached millions of TV viewers nationwide.
Just ask the FTC about their multiple interactions with Lifelock.
The Federal Trade Commission (FTC) announced in October they would start dispersing $31 million in refund checks stemming from a settlement with Lifelock, Inc. Lifelock has millions of customers who pay a monthly fee to the company to alert them when someone attempts to steal their identity or tamper with consumer financial data.
FTC long term allegations against the identity-theft protection company involve a 2010 data security order. Actually, refund checks will be funded by a 2015 $100 million settlement reached between Lifelock and the FTC.
This final settlement will effectively resolve the claims that Lifelock violated a previous 2010 FTC data security order that required Lifelock to keep consumers’ information safe.
The lawsuit also forbids Lifelock from using deceptive advertisements.
“This settlement demonstrates the Commission’s commitment to enforcing the orders it has in place against companies, including orders requiring reasonable security for consumer data,” FTC Chairwoman Edith Ramirez said in a statement.
Ramirez added, “the fact that consumers paid Lifelock for help in protecting their sensitive personal information makes the charge in this case particularly troubling.”
When the FTC originally hit Lifelock with deceptive trade and false advertisement over four years ago, a company spokesman rebuffed the allegations.
“We disagree with the substance of the FTC’s contentions and are prepared to take our case to court,” the company’s executives responded in a prewritten statement. “Based on the evidence, we do not believe that anything the FTC allege has resulted in any member’s data being taken.”
The Lifelock settlement, according to the FTC, represents the largest of its kind.
“The settlement does not require us to change any of our current product or practices,” Lifelock officials said in a prepared statement.
Not exactly true.
In an interview with the popular business media website called the “Balance,” Virginia Attorney General Ken Cuccinelli has said that Lifelock’s claims of guaranteed protection against identity theft, and also that the company said they are the first data protection service to prevent identity theft from occurring falls short.
“Such claims,” Cuccinelli said, “are ludicrous on the face.”
Cuccinelli said the problem was not so much Lifelock offered a flawed service but that they were misrepresenting the level of security they provided. Cuccinelli said Lifelock’s service is most effective against new account fraud, which is why members can expect an alert when someone tries to open up a new account in their name.
Yet the FTC alleged the service wasn’t as effective in securing customers against the abuse of existing accounts, nor did it offer much protection against medical and employment-related fraud.
Once the lawsuit was filed, Lifelock was required to resolve two options: either scale back on their questionable advertising claims or conform the quality of security they were claiming to provide for millions of customers.
FTC’s contempt charges against Lifelock are listed here:
- From 2012-2014, Lifelock falsely claimed to provide alerts to customers soon as it received any indication of a problem.
- Lifelock falsely advertised that it protected consumers’ sensitive data with the same high-level safeguards as financial institutions.
- Failed to establish and maintain a comprehensive information security program to protect its users’ sensitive personal data, including credit card, social security, and bank account numbers.
- Lifelock failed to meet various record-keeping requirements.
Cuccinelli further said on the “Balance website” interview: “Lifelock has said that about 90% of the members involved in the lawsuit have stayed as customers.”
“Good for them. As long as they understand what they are getting going forward, Lifelock can be a useful service,” Cuccinelli concluded.
The new settlement reached between FTC and Lifelock in 2019 requires the company to extend until 2023 a list of record keeping provisions similar to those ordered by the 2010 settlement.
Why Pay For Identity Theft Services When You Can Do it Yourself?
Identity Theft Protection Services fees can range from $100 or less and upwards to $350 or more per year.
But there’s good news.
You can take off the bull by the horns and perform the same work as that of an identity protection service for little or zero expenses.
For example, if a retailer has been breached, and, in return, the retailer offers free credit monitoring, you should accept it immediately. The downside to this offer is: free monitoring services can create a false sense of security because credit monitoring doesn’t always automatically prevent fraud on your existing credit accounts.
Please heed this warning: don’t click on links offering free ID protection.
Because such an offer may lure you into the hands of eager hackers determined to steal your identity for financial gain.
Are you familiar with security freeze? A freeze can block potential creditors from viewing your credit file and also prevent a thief from obtaining new credit in your name. A freeze is generally implemented if your Social Security number was stolen.
Still, you must keep in mind, you must request a freeze with all three credit bureaus. Fees for this service average between $2 and $12 per freeze, per bureau. There is no charge for the “freeze” service when identity theft victims request it.
On another note, you can ask the credit bureaus to temporarily lift the freeze when you need to apply for your new credit for a similar fee.
How to Monitor Your Online Account
Maintain a watchful eye on your most recent account activity by signing up for online access to your bank and credit card accounts or by utilizing a mobile-banking app. Smart phone-banking also allows consumers to watch their accounts in real-time; no matter where they travel. Your account sends an alert to your phone when suspicious activity is detected.
Why Pay to View Your Credit Report When it’s Free?
Why pay financial services or ID programs to detect potential fraud or incorrect information on your credit report when you can get free credit reports to view at your convenience?
First, start with three free offers per year. (one from each of the big three credit bureaus) including: annualcreditreport.com
There are certain states that entitle consumers to three extra free credit reports. After filing a 90-day fraud alert, you should receive free credit reports from each bureau, which is a procedure you do within 90-days if your financial information or identity were stolen in a breach. Be sure to opt only for 90-days fraud alerts, not the seven-year extended fraud.
Of course, you may never know if a breach captures your password for online accounts or email. Some people consider changing passwords occasionally.
But more importantly, never use the same password on multiple online accounts. Every password should be unique.
For safer protection, try using an online password management service like LastPass. LastPass generates and stores complex encrypted passwords.
Services like LastPass, Dashland, Keepass, and 1Password are unique services capable of safeguarding consumers’ financial information against criminal hackers by generating and storing a different password on any technology device (laptops, desktops, tablets, and smartphones). The encrypted password by one of the aforementioned services is so strong and complicated that it probably takes a hacker between decades and centuries to successfully crack the code.
Consumer Reports tested LastPass effectiveness and readily concluded the program actually provides a beneficial service. You can choose to also use antivirus, anti-spyware, anti-phishing software and a firewall on your personal computer, smartphone and other tech devices connected to the internet, and be sure to keep them updated.
Another helpful tip is to prevent credit bureaus from selling your name to lenders who send pre-approved offers that thieves can easily steal from your mailbox. Opt-out from these solicitations for free by going online to: optoutprescreen.com or call 888-567-8688.
If you are due an FTC refund check payable by Lifelock, you should cash it within 60 days. Contact Rust Consulting for any questions regarding refunds at: 1-866-898-5106
Overall, in the scheme of things, arising from the ashes of the Lifelock lawsuit, only the powerful high-dollar attorneys representing the company and the states that were part of the suit actually got paid megabucks while consumers who were part of the class action suit are lucky to grab between $10-$29, just barely enough to pay off a single month of Lifelock service.
Newsblaze reporter and investigative journalist Clarence Walker; can be reached at: [email protected]