I have Norton Antivirus (aka Symantec Antivirus) as my virus protection software for my desktops and laptops. For the most part, I like it. It's a little too intrusive for my tastes when running at its default settings, but those can be toned down or turned off. One of the things I don't like about it is that every few days or so, it pops up an ad on my desktop about more services it would like me to buy. Even those I tend to ignore, but the one it is repeatedly trying to get me to buy is LifeLock protection against identity theft.
I am sorry, Norton, but that's pretty contemptible. First, they really should mention upfront that Symantec owns LifeLock. They bought it in February 2017 for a reported $2.3 billion. I understand why they are hawking this so hard; they need to make back that investment.
If LifeLock was a great product, this would not rub me the wrong way so much, but it's a questionable company at best. You might remember that the original co-founder and former CEO Todd Davis put his actual social security number on billboard ads. Well, it seems he needed better security as it was reported his identity was stolen 13 times. Then there's the little matter of the $12 million LifeLock paid to the FTC and 35 states in 2010 for false claims and the $100 million settlement to consumers in December 2015 stemming from an FTC’s Contempt filing stemming from violating the terms of the 2010 agreement. Yeah, that's the sort of company I want watching out for me.
You probably are aware of why there all this interest in identity theft protection - the Equifax security breach. The breach occurred early to mid-2017, was discovered (according to Equifax) on July 29, 2017, but was not reported until September 7, 2017. The breach was originally reported to affect 143 million people but was later revised upward to 145.5 million. Why did it take so long to report the breach? Well, I'm sure that they wanted to investigate it first. It also just happened to be the time where several Equifax high-level executives sold off a crap-ton of Equifax stock, which is something Equifax is investigating. The US Senate is also interested in the sale. Equifax claims the timing was a coincidence and that the executives were not aware of the security breach at the time. The largest security breach by far to date and they were not aware of it? Even the CFO who sold off $946,374 in stock? They knew that revealing this news was going to cause the stock to take a hit. It seems like something you'd loop the CFO in on.
It's also the gift that keeps on giving. Last week, when Equifax reported on the breach to the US Senate Banking Committee, they mentioned that the hackers might have gotten more data than originally reported including driver's license details and tax IDs. I am so glad they have lots of my personal data. Why do they even have the driver's license data?
So, why harp on Equifax when this is a post about LifeLock? Well first off, the breach has been a real Good Thing® for LifeLock. From that article, "LifeLock says it has gotten over 100,000 customer signups since the Equifax news broke. It said it's enrolling 10 times as many customers every hour now as a result." If anything, LifeLock would probably like a few more breaches of that scale. They may have the self-fulfilling prophecy here in that LifeLock uses Equifax to provide credit monitoring services. Part of that is sharing your data with Equifax. That's the scummy part. The people who are supposed to be protecting your data are sharing it with the people who lost it in the first place.
Now, I'm not saying there's any coercion happening here. However, I can't help but have a little voice inside my head of a little guy with a LifeLock polo shirt saying in his best Mafioso voice, "That's a real nice identity you got there. Be a shame if anything happened to it."