47/47
Microsoft
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
Global Tel*Link
ENDURING CHANGES
GUESS
TELECOMMUNICATIONS
Case-specific changes
MTS INC
02/23/2024
PETCO
BJ's Wholesale Club
Global Tel*Link is a telecommunications provider.
The FTC complaint alleged that Global Tel*Link and two of its subsidiaries engaged in unfair and deceptive acts or practices because, despite claiming to implement reasonable measures to protect consumers' information from unauthorized access, their Amazon Web Services cloud storage environment was left accessible via the internet without a password or other access controls, allowing hackers to exfiltrate information on hundreds of thousands of consumers, including their names, dates of birth, driver's license numbers, passport numbers, individuals race, religion, gender identity, location information, and communications with loved ones, which was later posted on the dark web.
DLink
Blackbaud
Global Tel*Link
46/47
Microsoft
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
Blackbaud
ENDURING CHANGES
GUESS
BUSINESS SOFTWARE SERVICES
Case-specific changes
MTS INC
02/01/2024
PETCO
BJ's Wholesale Club
Blackbaud is provider of cloud-based financial, fundraising, and administrative software systems.
The FTC complaint alleged that they engaged in unfair and deceptive because, despite their claims that they used appropriate measures to protect the information they stored on behalf of their customers, they failed to do so, such as by failing to implement password controls, failing to mandate multifactor authentication for employees and customers, and failing to patch outdated software and systems, leading to a hacker using a customer's login credential to access Blackbaud's database and exfiltrate files belonging to BlackBaud's customers that contained information on millions of consumers, including their names, birth dates, addresses, financial and medical information, social security numbers, marital status, employment information, religious beliefs, and educational information.
DLink
Blackbaud
Global Tel*Link
45/47
Microsoft
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
1Health.io/Vitagene
ENDURING CHANGES
GUESS
HEALTH TECH
Case-specific changes
MTS INC
09/07/2023
PETCO
BJ's Wholesale Club
1Health.io, also doing business as Vitagene, develops and sells DNA Testing Kits.
The FTC complaint alleged that they engaged in deceptive acts or practices because, despite their claims that they implemented measures that exceeded industry standards to protect consumers' information and that they stored consumers' DNA without any other identifying information, 1Health.io created two publicly accessible Amazon S3 Datastore Buckets, storing health reports and genetic data alongside consumers' names, leading to the pubic exposures of genetic and health information of over 2,600 consumers.
Drizly
Chegg
DLink
Ring
1Health.io