The US Consumer Financial Protection Bureau (CFPB) has reached a
settlement with online payment company Dwolla regarding deceptive claims
the company made about its security practices. CFPB alleged that between
2010 and 2014, Dwolla misrepresented the amount of data that they
encrypted, and misled customers about the level of security it used. One
of the issues identified was that Dwolla transmitted or encouraged
consumers to transmit sensitive data in the clear. Dwolla will pay US
$100,000.
http://thehill.com/policy/cybersecurity/271636-feds-go-after-online-payment-firm-for-deceptive-cybersecurity
