LifeLock was ordered to implement better security practices, but in a new complaint filed in July of this year, the FTC alleged that LifeLock failed to implement the required changes.
This time around, LifeLock’s alleged misdeeds include failing to establish a system to protect all the information that LifeLock gathered, falsely advertising that the company protected its data as closely as financial institutions must protect their information, falsely advertising that LifeLock customers would receive alerts the moment that the company noticed any suspected fraud, and failing to follow the record-keeping rules that the FTC imposed on the company in 2010.
According to SEC filings, LifeLock generated $476 million in revenue in 2014, “an increase of $106.4 million from $369.7 million in 2013,” the company wrote. In addition to the $100 million settlement that the company will have to pay, LifeLock said in a press release to investors that it also owes $13 million in additional legal and administrative fees.
In a statement today, LifeLock wrote, “The allegations raised by the FTC are related to advertisements that we no longer run and policies that are no longer in place. The settlement does not require us to change any of our current products or practices. Furthermore, there is no evidence that LifeLock has ever had any of its customers’ data stolen, and the FTC did not allege otherwise.”