FTC and Data Analytics Company Reach Settlement Over Mortgage Data Security Incident

    On December 15, 2020, the Federal Trade Commission (FTC) announced a settlement with mortgage services company Ascension Data & Analytics, LLC over allegations that the firm failed to ensure its third-party vendor, OpticsML, was sufficiently securing the personal data and tax return information of approximately 60,000 customers.

    The FTC alleged that Ascension violated the Gramm-Leach-Bliley Act’s Safeguards Rule in addition to the firm’s internal policies after information stored on a cloud-based server was accessed by unauthorized users with IP addresses originating from Russia and China. The settlement requires Ascension to “implement a comprehensive data security program and obtain initial and biennial assessments of its data security program for ten years.”

    Read more at Mondaq

    Need a Data Privacy, Protection, and Security expert?

    If you are in need of an expert with experience in data privacy and data security disputes, we invite you to consider DisputeSoft.