Just before the Christmas holiday, the U.S. Federal Trade Commission (FTC) announced that it had charged a data broker with selling consumers' sensitive personal information to fraudsters to commit theft and fraud:
"... LeapLab bought payday loan applications of financially strapped consumers, and then sold that information to marketers whom it knew had no legitimate need for it. At least one of those marketers, Ideal Financial Solutions – a defendant in another FTC case – allegedly used the information to withdraw millions of dollars from consumers’ accounts without their authorization."
Defendants named in the lawsuit include Sitesearch Corporation (doing business as LeapLab), LeapLab, LLC (based in Arizona), Leads Company (based in Nevada), and John Ayers. LeapLab's Twitter account seems dormant, and its website is not operating. BusinessWeek lists John Ayers as Chairman of the Board of LeapLab.
In its complaint, the FTC alleged that LeapLab:
"... collected hundreds of thousands of payday loan applications from payday loan websites known as publishers. Publishers typically offer to help consumers obtain payday loans. To do so, they ask for consumers’ sensitive financial information to evaluate their loan applications and transfer funds to their bank accounts if the loan is approved... The defendants sold approximately five percent of these loan applications to online lenders, who paid them between $10 and $150 per lead... the defendants sold the remaining 95 percent for approximately $0.50 each to third parties who were not online lenders and had no legitimate need for this financial information."
So, your bank account information is worth 50 cents to fraudsters. The sensitive consumer information LeapLab allegedly sold to non-lender third parties included consumer’s names, addresses, phone numbers, employers, Social Security numbers, bank account numbers, and bank routing numbers. Who were these non-lender third parties? They included:
"... marketers that made unsolicited sales offers to consumers via email, text message, or telephone call; data brokers that aggregated and then resold consumer information; and phony internet merchants like Ideal Financial Solutions. According to the FTC’s complaint, the defendants had reason to believe these marketers had no legitimate need for the sensitive information they were selling..."
In a separate complaint, the FTC sued Ideal Financial Solutions (based in Las Vegas, Nevada), for allegedly buying information about 2.4 million consumers between 2009 and 2013 from data brokers and using that information:
"... to make millions of dollars in unauthorized debits and charges for purported financial products that the consumers never purchased. LeapLab provided account information for at least 16 percent these victims."
"The complaints are part of a multiyear government crackdown on fraudulent debt collection and other scams that target people in financial distress. But the case against LeapLab indicates that federal regulators are now widening their investigation to include the middlemen who traffic in the kind of closely held consumer details that can make consumers vulnerable to financial scams... Frederick G. Gamble, a lawyer in Tempe, Ariz., who was listed as a statutory agent of LeapLab, did not respond a voice mail message seeking comment..."
Thanks to the FTC staff for enforcing credit laws. I look forward to the FTC pursuing more data brokers and non-lender third parties who engage in similar behaviors.
Thee has to be strong consequences for this type of wrongdoing. I hope that the defendants pay fines, pay the credit monitoring and resolution costs for affected consumers, and serve time in prison. That sounds about right for the amount of damages inflicted upon consumers.
What are your opinions?