14 DAY TRIAL // Two debt collectors published personally identifiable information (PII) of over 70,000 consumers on a website, without attempting to redact the sensitive details in any way.
The files were Excel spreadsheets and included consumer details such as bank account and credit card numbers, birth dates, contact information, employers’ names, and information about debts the consumers allegedly owed.
None of this information should be made public because malicious third-parties could take advantage of it and cause harm to the victims.
The Federal Trade Commission (FTC) intervened and made a complaint to a federal court about violation of privacy by the two debt brokers, asking for measures that would prevent future leaks of information about consumers.
“Debt brokers and collectors who play fast and loose with people’s sensitive personal and financial information are causing tremendous harm,” said Jessica Rich, director of the FTC’s Bureau of Consumer Protection.
Apart from the obvious identity theft risk, the consumers whose private data has been publicly exposed can also fall victim to “phantom” debt collection, a scam pulled by crooks to collect the debts for themselves.
According to the FTC, the data has been downloaded more than 500 times from the websites it was posted on.
The two debt collecting companies, Cornerstone and Company, LLC, of Riverside, California, and Bayview Solutions, LLC, of St. Petersburg, Florida, have also been ordered to issue disclosure notifications to all affected parties, so that they can take proper protection measures and report fraud attempts to the authorities.
