38/47
Microsoft
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
Zoom
ENDURING CHANGES
GUESS
CONSUMER SERVICE PROVIDER
Case-specific changes
MTS INC
02/01/2021
PETCO
BJ's Wholesale Club
Zoom is a videoconferencing software provider.
The FTC complaint alleged that they engaged in deceptive practices because, despite their claims that they employed end-to-end and 256-bit encryption and they encrypted recorded meetings, they did not use end-to-end encryption, used a lower level of encryption than 256-bit, and stored meeting recordings unencrypted for 60 days.
Zoom
SkyMed
Support King
DLink
37/47
Microsoft
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
Tapplock
ENDURING CHANGES
GUESS
Device and Device Software
Case-specific changes
MTS INC
05/20/2020
PETCO
BJ's Wholesale Club
Tapplock is an Internet of Things company that sells internet-connected, fingerprint-enabled padlocks.
The FTC complaint alleged that they engaged in deceptive practices because their smart locks had reasonably foreseeable electronic security vulnerabilities, including one which allowed a researcher to bypass the account authentication process to gain full access to all Tapplock user account and personal information, that could allow the exposure of the personal information of all Tapplock users.
Infotrax
Tapplock
DLink
36/47
Microsoft
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
Infotrax
ENDURING CHANGES
GUESS
BUSINESS SOFTWARE SERVICES
Case-specific changes
MTS INC
01/06/2020
PETCO
BJ's Wholesale Club
InfoTrax is a technology company providing backend operations systems and online distributor tools.
The FTC complaint alleged that Infotrax and its founder and CEO Mark Rawlins, enagaged in unfair practices because they failed to implement reasonable measures to protect consumers' information, such as by failing to encrypt consumer personal information stored on InfoTrax's network, failing to detect malicious file uploads, and failing to have a data retention schedule or deletion process for consumer information, leading to multiple security incidents including one in which a hacker uploaded malicious code that provided remote access to InfoTrax's server and exfiltrated the information of one million consumers, including social security numbers, addresses, telephone numbers, names, email addresses, and login credentials
Infotrax
Tapplock
DLink