Smartphone Maker HTC Settles with U.S. Agency on Data Security Failings

Smartphone Maker HTC Settles with U.S. Agency on Data Security Failings HTC America, the U.S. division of the smartphone and tablet maker, failed to secure millions of mobile devices against security flaws that put at risk sensitive consumer data, the Federal Trade Commission said today.
HTC America has agreed to settle FTC charges that it did not take “reasonable steps to secure” software against security flaws that may have exposed sensitive information about millions of consumers through malicious software.
The settlement requires HTC to come up with software patches to fix vulnerabilities found in millions of HTC devices.
Because of these vulnerabilities, the FTC alleged that millions of HTC devices potentially allowed malicious applications to send text messages, record audio, and even install additional malware onto a consumer’s device, all without the user’s knowledge or consent.
The FTC alleged that malware placed on consumers’ devices without their permission could be used to record and transmit information entered into or stored on the device, including financial account numbers and related access codes or medical information such as text messages received from healthcare providers and calendar entries concerning doctor’s appointments.
The settlement requires HTC America to establish a comprehensive  program to address security risks during the development of HTC devices and to undergo independent security assessments every other year for the next 20 years.
HTC develops and manufactures mobile devices based on the Android, Windows Mobile, and Windows Phone operating systems. HTC America has customized the software on these devices separate itself from competitors and to comply with the requirements of mobile network operators.

Leave a Reply

Your email address will not be published. Required fields are marked *