Nations Holding, a real estate company operating in 44 states, must improve its information security practices and submit to biennial security audits for the next 20 years under a settlement with the Federal Trade Commission.The FTC charged that the company had allowed a common Web attack to compromise customer data, and that its Nations Title Agency (NTA) subsidiary had disposed of home-loan applications containing customers’ personal data in a public Dumpster.The resolution is similar to those of several cases the FTC has settled in the past couple of years, including cases against DSW, a footwear retailer, and BJ’s Wholesale Club, in which customer data was compromised. Data broker ChoicePoint received an even stiffer penalty in January—a $15 million fine—partly because it failed to tighten its procedures after law enforcement alerted the company to fraudulent activity.“Data security has been surprisingly lax at a number of companies,” said FTC Chairwoman Deborah Platt Majoras in a recent speech, adding that the agency looks for “reasonableness, not perfection” in company security practices. “The cases we’re bringing have not been close calls,” she said. Nations Holding and NTA obtain personal consumer information, including names, Social Security numbers and credit histories to provide home purchasing services such as appraisals and title insurance.Among the company’s security lapses, the FTC said, were the failure to implement “simple, low-cost, readily available” defenses to common website attacks and the failure to implement “reasonable” policies in key areas such as employee screening and training or the handling of personal data. The FTC said that in April 2004, a hacker used a common Web attack to gain access to Nations Holding’s computer network. The agency did not specify the type of attack. In addition, the FTC said, in February 2005, a Kansas City TV station found paperwork containing customers’ personal information in a Dumpster ¿outside the building. Related content feature Expedia poised to take flight with generative AI CTO Rathi Murthy sees the online travel service’s vast troves of data and AI expertise fueling a two-pronged transformation strategy aimed at growing the company by bringing more of the travel industry online. By Paula Rooney Jun 02, 2023 7 mins Travel and Hospitality Industry Digital Transformation Artificial Intelligence case study Deoleo doubles down on sustainability through digital transformation The Spanish multinational olive oil processing company is immersed in a digital transformation journey to achieve operational efficiency and contribute to the company's sustainability strategy. By Nuria Cordon Jun 02, 2023 6 mins CIO Supply Chain Digital Transformation brandpost Resilient data backup and recovery is critical to enterprise success As global data volumes rise, business must prioritize their resiliency strategies. By Neal Weinberg Jun 01, 2023 4 mins Security brandpost Democratizing HPC with multicloud to accelerate engineering innovations Cloud for HPC is facilitating broader access to high performance computing and accelerating innovations and opportunities for all types of organizations. By Tanya O'Hara Jun 01, 2023 6 mins Multi Cloud Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe