Connecticut AG Announces Agreement with MetLife over 2009 Breach Incident

Posted on January 27, 2012 by Hunton & Williams LLP

On January 24, 2011, Connecticut Attorney General George Jepsen and Consumer Protection Commissioner William Rubenstein announced that they had reached an Assurance of Voluntary Compliance (“AVC”) with Metropolitan Life Insurance Co. (“MetLife”) in connection with an incident involving the disclosure of customer personal information on the Internet. In November 2009, a MetLife employee posted the personally identifiable information of current and former MetLife customers, including their Social Security numbers, on the Internet. Following the discovery of the posting, MetLife acted to mitigate possible harm by providing credit monitoring and identity theft insurance to the affected customers.

As part of the AVC, MetLife agreed to pay a civil penalty of $10,000 to reimburse Connecticut’s investigative and enforcement costs and consumer losses. MetLife also agreed to reimburse consumers who paid to place a security freeze on their credit file as a result of the incident, and to improve its employee training materials to include a specific prohibition against posting Social Security numbers on the Internet.

Read the announcement and the accompanying AVC.

Tags: Connecticut, Consumer Protection, Credit Monitoring, Enforcement, Identity Theft, Personally Identifiable Information, Security Breach, Social Security Number, State Attorneys General, U.S. State Law

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>