The U.S. Federal Trade Commission (FTC) has cracked down on data brokers for allegedly hawking sensitive personal details of unsuspecting consumers to scammers.
In a lawsuit (PDF) against LeapLab filed in U.S. District Court for the District of Arizona in 2014, the FTC charged the data broker with buying payday loan applications of financially strapped consumers and then reselling that information to marketers whom it knew had no legitimate need for it.
At least one of the marketers who purchased the sensitive personal details, Ideal Financial Solutions of Las Vegas, used the information to siphon millions of dollars from consumers’ accounts without authorization, the FTC charges.
According to the FTC, Ideal Financial bought the information for 50 cents each between 2009 and 2013, and then used the data to steal $7.1 million from the credit cards and bank accounts of more than half a million consumers.
In December of last year, the brokers settled the FTC’s charges that they knowingly sold hundreds of thousands of consumers’ sensitive personal details to scammers, including consumers’ names, phone numbers, addresses, Social Security numbers and bank account numbers.
As part of the LeapLab lawsuit settlement, the FTC proposed a set of orders in the U.S. District Court, including a $5.7 million monetary judgment, which the court suspended based on the defendants’ sworn inability to pay, and an unsuspended $4.1 million default judgment with similar prohibitions against SiteSearch, another defendant.
In addition to the settlement orders, the court prohibited the defendants from misleading consumers about the terms of a loan offer or the likelihood of getting a loan, and instructed them to destroy any consumer data in their possession within 30 days.
The orders have the force of law when approved and signed by the District Court judge.
“This case shows that the illegitimate use of sensitive financial information causes real harm to consumers,” said Jessica Rich, Director of the Federal Trade Commission’s Bureau of Consumer Protection. “Defendants like those in this case harm consumers twice: first by facilitating the theft of their money and second by undermining consumers’ confidence about providing their personal information to legitimate lenders.”
Payday loans are extensions of unsecured credit that a borrower agrees to repay in a short time, such as when they receive their next paycheck. Lenders who offer these loans claim they help people who are strapped for cash, but consumer advocates say the loans hurt borrowers because borrowers often end up with high debt due to high interest rates, fees and rolling over the loans.
While Payday loan companies are probably among the last places cash strapped small business owners are likely to go looking for financing, this case is an important reminder about the need to be extra careful when selecting a lender. It’s also a good reminder for small businesses that deal with customer data about the importance of taking care not to share that information unlawfully.
Federal Trade Commission Photo via Shutterstock
As if the actual payday loans weren’t bad enough, they sold the data to scammers? This is another level of exploitation. They deserve every punishment they have coming.