14 DAY TRIAL // The US Federal Trade Commission (FTC) has filed a complaint against LabMD, Inc., an Atlanta-based medical testing lab. The FTC alleges that the company has exposed the personal information of close to 10,000 people.
According to the agency, the LabMD billing information of over 9,000 individuals was posted on a peer-to-peer file-sharing network. The data included social security numbers, names, dates of birth, insurance info, and medical treatment codes.
In addition, in 2012, the personal information of at least 500 individuals was found in the possession of identity thieves. At the time, police found documents containing names, social security numbers and, in some cases, even bank account information.
“The unauthorized exposure of consumers’ personal data puts them at risk,” said Jessica Rich, Director of the FTC’s Bureau of Consumer Protection.
“The FTC is committed to ensuring that firms who collect that data use reasonable and appropriate security measures to prevent it from falling into the hands of identity thieves and other unauthorized users.”
On the other hand, LabMD representatives deny the accusations.
In a statement sent to Ars Technica, the company’s representatives noted, “The Federal Trade Commission’s enforcement action against LabMD based, in part, on the alleged actions of Internet trolls, is yet another example of the FTC’s pattern of abusing its authority to engage in an ongoing witch hunt against private businesses.”
“The allegations in the FTC’s complaint are just that: allegations. LabMD looks forward to vigorously fighting against the FTC’s overreach by seeking recourse through the available legal processes,” the statement continues.
“The FTC has repeatedly overstepped its statutory authority under Section 5 of the Federal Trade Commission Act and the FTC does not have the authority to bring this enforcement action.”