On April 13, the FTC announced that two debt brokers agreed to settle two separate cases filed last year involving the leaking of over 55,000 consumers’ personal information. The brokers allegedly shared consumers’ personal information online – including credit card numbers, names, addresses, and bank account numbers – via unencrypted documents. Although the information was geared towards members of the debt collection industry, it was available to anyone with an internet connection. According to the FTC, the publicly available information put consumers at risk of identity theft and/or phantom debt collection. Under the terms of both proposed settlement agreements (Orders), the brokers would be required to: (i) implement and effectively maintain security programs that will protect consumers’ information; and (ii) have their respective security programs examined initially by a certified third party and again, thereafter, every two years for a duration of 20 years after service of the Orders. The FTC unanimously approved the proposed Orders and has filed them in the U.S. District Court for the District of Columbia for final court approval.