The Federal Trade Commission (FTC) released an alert, warning companies that they may face legal penalties if they aren’t taking the proper steps to mitigate Log4j vulnerabilities to protect consumer information. Earlier this month, FTC officials said there is a “severe risk” to consumer products, software, and applications caused by a vulnerability in the Java logging package. This vulnerability is being exploited by hackers and it is critical that vendors who rely on Log4j take the proper precautions to reduce their likelihood of an attack.

An example of this is the Equifax breach, which was caused by failing to patch a known vulnerability. Because of this vulnerability, the personal information of 147 million consumers was left exposed. Equifax paid $700 million to settle actions taken by the FTC. The FTC intends to pursue any companies that fail to take steps to protect consumer data from exposures caused by Log4j, or similar vulnerabilities that may occur in the future.

The FTC advises companies to keep your Log4j software package updated to the most recent version, and reference Log4j Vulnerability Guidance provided by CISA. This FTC alert is a wake-up call to many companies that cyber threats are evolving, and so are security requirements and legal actions that will be taken if they do not take the proper steps to protect consumer information.

Introducing PhishMarket,

Click here for a new way to secure your most valuable asset— your employees.

 

Not Ready to Commit?

Subscribe To Our Newsletter

Join our mailing list to receive the latest tips and news about cyber security and data privacy

Learn More About Cyber Awareness

You have successfully Subscribed! Please make sure to check your email to confirm registration.

Share This