1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
The FTC has taken action against Illusory Systems, Inc. (doing business as Nomad) for failing to implement adequate data security measures, which led to a breach where hackers stole $186 million from consumers. The company is required to return the stolen funds and implement an information security program.
$186.0M
The FTC finalized an order with GoDaddy for failing to implement adequate data security measures and misleading consumers about its security and Privacy Shield compliance. The order prohibits misrepresentations, requires a comprehensive security program, and mandates independent assessments.
The FTC charged Marriott International and Starwood Hotels with failing to implement reasonable data security, leading to three data breaches affecting over 344 million customers. Under a proposed consent order, the companies must implement a comprehensive information security program, certify compliance annually for 20 years, and provide customers with ways to delete personal information and restore stolen loyalty points.
The FTC finalized a consent order against Blackbaud Inc. for alleged security failures that led to a data breach exposing personal data of millions of consumers. Blackbaud must delete unnecessary data, implement a security program, and not misrepresent its policies. No monetary penalty was imposed.
The FTC settled with Ring for failing to secure consumer videos, allowing unauthorized access by employees and hackers. Ring agreed to provide $5.6 million in refunds to affected customers and implement security measures.
$5.6M
The FTC finalized an order against Drizly and its CEO for security failures that led to a data breach exposing 2.5 million consumers' personal information. Drizly failed to implement basic security measures despite prior alerts. The order requires Drizly to destroy unnecessary data, implement a security program, and publicly detail data collection practices.
The FTC settled with CafePress for failing to implement reasonable data security measures, leading to multiple breaches that exposed Social Security numbers and other sensitive data. As part of the settlement, over $370,000 in refunds are being distributed to 20,044 consumers who filed valid claims.
$370K
All data sourced from official government enforcement pages.