Utah-based tech company InfoTrax Systems got hacked and had the personal info of over a million clients stolen following a series of more than 20 undetected network intrusions. The company is prohibited from collecting, selling, sharing, or storing any consumer personal information until it addresses the security issues described in the FTC’s proposed settlement. The FTC also required InfoTraX to conduct third-party audits of their new information security program every two years to confirm its capability to protect the security, integrity, and confidentiality of the information stored on its servers. While the total number of consumers infoTrax stored information on at the time of the hacks, the FTC says that it stored personal info
Source: https://www.bleepingcomputer.com/news/security/infotrax-gets-slap-on-the-wrist-after-being-breached-20-times/