Attorney General George Jepsen and Consumer Protection Commissioner William Rubenstein have reached an agreement with Metropolitan Life Insurance Co. to provide additional protections to the current and former customers whose personal information was made public.
Information of current and former MetLife customers was part of a spreadsheet posted to the Internet by an employee of the company. When one of the customers saw the information in November, 2009, he contacted the employee who then notified the company, which took responsibility for correcting the problem and provided credit monitoring and identity theft insurance for the affected customers.
“The company acted voluntarily to correct the mistake of its employee and to protect its customers,” Attorney General Jepsen said. “But this agreement reinforces the need to make clear to anyone in possession of personally identifiable information about their legal requirements to protect it and ensure that it s not made publicly available.”
Commissioner Rubenstein said, “I share the Attorney General’s heightened concerns over consumer privacy and identity theft issues. In this instance, MetLife has stepped up to the plate to take its responsibilities seriously. We expect all companies to take the necessary steps to protect any personal information they may gather and we will continue to be vigilant in holding their feet to fire to do so.”
MetLife agreed to pay $10,000, which will be placed in a special fund used to reimburse the State’s investigative and enforcement costs, or reimburse these or future consumers for losses. MetLife also agreed to reimburse the cost of placing and lifting once security freeze per credit file per customer. Customers who paid to place or lift a security freeze themselves will be eligible for reimbursement. The company had previously paid for two years of credit monitoring and identity theft insurance for the customers affected.
MetLife also agreed to enhance its employee training policies and procedures about the legal requirements to protect personally identifiable information and specifically to prohibit posting such information to Internet websites.
Assistant Attorney General Matthew Fitzsimmons handled this matter for the Attorney General with Assistant Attorney General Phillip Rosario, head of the Consumer Protection department.
Source: Connecticut Attorney General George Jepsen