May 10, 2006 6:33 PM

FTC Has Real Estate Company Down in the Dumpster

The Nations Holding Company and its subsidiary, Nations Title Agency, whose privacy management system included letting a hacker access their database and tossing documents with customers’ social security numbers into an open dumpster, agreed today to being audited for the next 20 years, according to the Federal Trade Commission. The company routinely obtained "sensitive consumer […]

The Nations Holding Company and its subsidiary, Nations Title Agency, whose privacy management system included letting a hacker access their database and tossing documents with customers' social security numbers into an open dumpster, agreed today to being audited for the next 20 years, according to the Federal Trade Commission.

The company routinely obtained "sensitive consumer information from banks, real estate brokers, consumers, and public records that include such things as consumer names, Social Security numbers, bank and credit card account numbers, and credit histories," but didn't bother to implement the most basic IT protections, according to the FTC complaint.

According to the complaint, a hacker exploited these failures by using a common Web site attack to gain access to NHCøs computer network. In addition, a Kansas City television station found documents containing sensitive consumer information discarded in NHCøs and NTAøs unsecured dumpster.

The FTC says the company, owned by one Christopher M. Likens, violated FTCøs Safeguards Rule, Privacy Rule and the FTC Act by not implementing the most basic safeguards while claiming it was in compliance with federal information protection standards.

The company's privacy policy stated:

NTA, at all times, strives to maintain the confidentiality and integrity of the personal information in its possession and has instituted measures to guard against its unauthorized access. We maintain physical, electronic and procedural safeguards in compliance with federal standards to protect the information.

While no fine was issued, FTC chair Deborah Platt Majoras continues her crackdown on rogue companies -- which included a $15 million dollar settlement with ChoicePoint for its alleged violations of the Fair Credit Reporting Act and the FTC Act. ChoicePoint also landed itself a 20-year date with an auditor.

The 20-year audit - which NO company wants to deal with - may turn out to be the FTC's best weapon -- far more of a deterrent to shoddy privacy practices than a monetary fine could ever be.†††

Tags: FTC, Privacy, Security Breach

TopicsThreat Level

US Takes Down Botnets Used in Record-Breaking Cyberattacks

The Aisuru, Kimwolf, JackSkid, and Mossad botnets had infected more than 3 million devices in total, many inside home networks, according to the US Justice Department.

Andy Greenberg

Using a VPN May Subject You to NSA Spying

US lawmakers are pressing Tulsi Gabbard to reveal whether using a VPN can strip Americans of their constitutional protections against warrantless surveillance.

Dell Cameron

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. It can take over devices running iOS 18 that simply visit infected websites.

Andy Greenberg

CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards

The Quizlet flashcards, which WIRED found through basic Google searches, seem to include sensitive information about gate security at Customs and Border Protection locations.

Sammy Sussman

Your Vape Wants to Know How Old You Are

Companies hope that biometric age-verification tech in cartridges could put flavored vapes back in business. But it's unlikely to solve the real problems.

Boone Ashworth

Politicians Are Spending More Money on Security as They Increasingly Become Targets

Political candidates are purchasing more home alarms, bulletproof vests, and other protections amid rising fears of political violence.

Maddy Varner

Tech Companies Are Trying to Neuter Colorado’s Landmark Right-to-Repair Law

A bill in Colorado is a glimpse into the future of how corporations are working to limit the freedom people have to make their own fixes and upgrades.

Boone Ashworth

Livestream Replay: The War Machine

A panel of WIRED experts dissected the defense tech industry’s impact on modern warfare.

Tim Marchman

The DOJ Misled a Judge About How It’s Using Voter Roll Data

The acting head of the DOJ’s voting section told a judge last week that the agency had not touched the nonpublic voter roll data it has collected. That wasn’t true.

David Gilbert

Iranian Hackers Breached Kash Patel’s Email—but Not the FBI’s

Plus: Apple makes big claims about the effectiveness of its Lockdown Mode anti-spyware feature, Russia moves to implement homegrown encryption for 5G, and more.

Andrew Couts

The IRS Wants Smarter Audits. Palantir Could Help Decide Who Gets Flagged

Documents show the tax agency is testing a Palantir tool to surface “highest-value” audit and investigation targets from a maze of legacy systems.

Caroline Haskins

What’s With the US Ban on Foreign Routers?

The FCC just banned the sale of new consumer-grade Wi-Fi routers manufactured outside the US. Here’s what it means for you.

Simon Hill