The U.S. Federal Trade Commission has announced it voted 5-0 to approve a final settlement with DealerBuilt over the company's alleged insufficient data protection. The FTC claimed the Iowa-based auto dealer software provider did not properly protect the personal information of 12.6 million consumers that ended up being exposed in a data breach in October 2016. According to the FTC, DealerBuilt's settlement prohibits the provider from "sharing, collecting, or maintaining personal information unless it implements and maintains a comprehensive information security program designed to protect the personal information it collects." The settlement also requires the provider to obtain third-party assessments of its information security program every two years.
If you want to comment on this post, you need to login.