ARCHIVED CONTENT
You are viewing ARCHIVED CONTENT released online between 1 April 2010 and 24 August 2018 or content that has been selectively archived and is no longer active. Content in this archive is NOT UPDATED, and links may not function.Extract from article by Alysa Zeltzer Hutnik and Sharon Kim Schiavetti
On March 2, the CFPB settled its first data security enforcement action against Iowa-based Dwolla Inc. Launched as a startup in 2009, Dwolla is an online payment platform that enables customers to transfer money directly to/from their bank accounts. Since its inception, Dwolla had been collecting customers’ sensitive personal information, including their name, address, date of birth, telephone number, Social Security number, bank account and routing numbers, a password, and a unique 4-digit PIN. By May 2015, Dwolla allegedly had amassed 650,000 users and was transferring on their behalf an estimated $5 million a day. The CFPB alleged Dwolla […]