DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Rental Research Services, Inc. settles FTC charges that it sold credit reports to ID thieves

Posted on March 5, 2009 by Dissent

Rental Research Services, Inc. , a consumer reporting agency, and its principal, Lee Mikkelson, settled FTC charges that they  failed to properly screen prospective customers and sold at least 318 credit reports to identity thieves.

Under the settlement, the company and its principal must ensure that they provide credit reports only to legitimate businesses for lawful purposes, use a comprehensive information security program, and obtain independent audits every other year for 20 years. The settlement also imposes a $500,000 penalty but suspends payment due to the defendants’ inability to pay.

Read more on the FTC site.

Update: Lee Mikkelson has submitted a press release, which appears as a comment to this entry.

No related posts.

Category: Breach IncidentsBusiness SectorID TheftOtherU.S.

Post navigation

← AU: Bank confirms credit card fraud from Bottle Domains hack
Another stolen FEMA laptop highlights data protection problems within the agency →

1 thought on “Rental Research Services, Inc. settles FTC charges that it sold credit reports to ID thieves”

  1. Lee Mikkelson says:
    March 5, 2009 at 7:16 pm

    PRESS RELEASE

    RENTAL RESEARCH SERVICES, INC. ENTERS INTO CONSENT DECREE
    WITH THE FEDERAL TRADE COMMISSION

    In January of 2006 Rental Research Services, Inc. was the victim of an elaborate identity theft crime. The criminals who committed this crime had stolen the identity of the owner of a legitimate Florida business and set up an account with us using his credentials. No other client accounts were affected in any way. The perpetrators of this criminal act were already in possession of the names, dates of birth, social security numbers and addresses of the affected consumers PRIOR to setting up this fraudulent account. The criminals then used that stolen information to obtain further information on those consumers via their account with us. Rental Research Services, Inc. acted immediately to close the account upon identification of suspected fraudulent activity, notified the affected consumers, identified and corrected the loophole in our account registration procedures following a company-wide assessment, and worked proactively with Federal and State law enforcement authorities to assist their efforts to identify and apprehend the suspects. This single incident remains the only such incident in the 40 years Rental Research Services, Inc. has been in business.

    Our systems were not hacked–our computer security was not breached. This was a onetime event and perpetrated by experienced, technically sophisticated, identity thieves who were able to identify and use a loophole in our manual account registration procedures. Although we believe that our security and our account registration procedures were state of the art, and were reflective of the general industry standards, we have entered into a consent decree with the Federal Trade Commission (FTC). The consent decree is a reflection of our intent to further strengthen our account registration procedures beyond just the general industry standard, to be the best, most secure in the industry. Rental Research Services, Inc., by entering into this consent decree with the FTC, admits no wrongdoing and has at no time violated any law. Our decision to enter into a consent decree with the FTC was based on litigation being cost prohibitive and wanting our capital resources to be used to strengthen and grow our business, as opposed to being spent on additional legal fees and expenses

    The most unfortunate part this event is that after the efforts of law enforcement resulted in a number of arrests and federal charges against those who are believed to have engaged in the above criminal acts, most of the defendant’s skipped bail, and at this time, are at large and free to commit these same crimes again. We believe that our justice system must take further steps to treat these criminals with the seriousness that their crimes deserve, to protect us all as we move further into the Electronic Age.

    Biography: Rental Research Services, Inc. is the nation’s oldest resident screening service and provides services to professional property management companies across the country.

    Contact: Lee Mikkelson, Managing Partner
    [email protected]
    952-852-2090

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
  • Kentfield Hospital victim of cyberattack by World Leaks, patient data involved
  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)
  • Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims
  • Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
  • No need to hack when it’s leaking: Brandt Kettwick Defense edition
  • SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
  • Louis Vuitton Korea suffers cyberattack as customer data leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.